class Aws::KMS::Types::UpdateAliasRequest
@note When making an API call, you may pass UpdateAliasRequest
data as a hash: { alias_name: "AliasNameType", # required target_key_id: "KeyIdType", # required }
@!attribute [rw] alias_name
Identifies the alias that is changing its KMS key. This value must begin with `alias/` followed by the alias name, such as `alias/ExampleAlias`. You cannot use UpdateAlias to change the alias name. @return [String]
@!attribute [rw] target_key_id
Identifies the [customer managed key][1] to associate with the alias. You don't have permission to associate an alias with an [Amazon Web Services managed key][2]. The KMS key must be in the same Amazon Web Services account and Region as the alias. Also, the new target KMS key must be the same type as the current target KMS key (both symmetric or both asymmetric) and they must have the same key usage. Specify the key ID or key ARN of the KMS key. For example: * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab` * Key ARN: `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab` To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey. To verify that the alias is mapped to the correct KMS key, use ListAliases. [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk [2]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk @return [String]
@see docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/UpdateAliasRequest AWS API Documentation
Constants
- SENSITIVE