Method get
Returns the specified symmetric KMS key.
To get the list of available symmetric KMS keys, make a list request.
HTTP request
GET https://kms.api.cloud.yandex.net/kms/v1/keys/{keyId}
Path parameters
Parameter | Description |
---|---|
keyId | Required. ID of the symmetric KMS key to return. To get the ID of a symmetric KMS key use a list request. The maximum string length in characters is 50. |
Response
HTTP Code: 200 - OK
{
"id": "string",
"folderId": "string",
"createdAt": "string",
"name": "string",
"description": "string",
"labels": "object",
"status": "string",
"primaryVersion": {
"id": "string",
"keyId": "string",
"status": "string",
"algorithm": "string",
"createdAt": "string",
"primary": true,
"destroyAt": "string"
},
"defaultAlgorithm": "string",
"rotatedAt": "string",
"rotationPeriod": "string",
"deletionProtection": true
}
A symmetric KMS key that may contain several versions of the cryptographic material.
Field | Description |
---|---|
id | string ID of the key. |
folderId | string ID of the folder that the key belongs to. |
createdAt | string (date-time) Time when the key was created. String in RFC3339 text format. |
name | string Name of the key. |
description | string Description of the key. |
labels | object Custom labels for the key as |
status | string Current status of the key. |
primaryVersion | object Primary version of the key, used as the default for all encrypt/decrypt operations, when no version ID is specified. Symmetric KMS key version: metadata about actual cryptographic data. |
primaryVersion. id |
string ID of the key version. |
primaryVersion. keyId |
string ID of the symmetric KMS key that the version belongs to. |
primaryVersion. status |
string Status of the key version. Possible version status.
|
primaryVersion. algorithm |
string Encryption algorithm that should be used when using the key version to encrypt plaintext. Supported symmetric encryption algorithms.
|
primaryVersion. createdAt |
string (date-time) Time when the key version was created. String in RFC3339 text format. |
primaryVersion. primary |
boolean (boolean) Indication of a primary version, that is to be used by default for all cryptographic operations that don't have a key version explicitly specified. |
primaryVersion. destroyAt |
string (date-time) Time when the key version is going to be destroyed. Empty unless the status is String in RFC3339 text format. |
defaultAlgorithm | string Default encryption algorithm to be used with new versions of the key. Supported symmetric encryption algorithms.
|
rotatedAt | string (date-time) Time of the last key rotation (time when the last version was created). Empty if the key does not have versions yet. String in RFC3339 text format. |
rotationPeriod | string Time period between automatic key rotations. |
deletionProtection | boolean (boolean) Flag that inhibits deletion of the key |