**Autogenerated function** Deletes the specified alias. Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the DescribeKey operation. To get the aliases of all KMS keys, use the ListAliases operation. Each KMS key can have multiple aliases. To change the alias of a KMS key, use DeleteAlias to delete the current alias and CreateAlias to create a new alias. To associate an existing alias with a different KMS key, call UpdateAlias . Args: hub: ctx: name(Text): Alias name resource_id(Text, optional): ID of the KMS alias. Returns: Dict[str, Any] Request Syntax: [kms-alias-name]: aws.kms.alias.absent: - name: string - resource_id: string Examples: .. code-block:: sls alias/eks_cluster_key: aws.kms.alias.absent: - name: alias/eks_cluster_key - resource_id: alias/eks_cluster_key
Describe the resource in a way that can be recreated/managed with the corresponding "present" function Gets a list of aliases in the caller's Amazon Web Services account and region. By default, the ListAliases operation returns all aliases in the account and region. To get only the aliases associated with a particular KMS key, use the KeyId parameter. The ListAliases response can include aliases that you created and associated with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services managed keys in your account. You can recognize Amazon Web Services aliases because their names have the format aws/<service-name> , such as aws/dynamodb . The response might also include aliases that have no TargetKeyId field. These are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key. Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against your KMS aliases quota . Returns: Dict[str, Any] Examples: .. code-block:: bash $ idem describe aws.kms.alias
**Autogenerated function** Creates a friendly name for a KMS key. You can use an alias to identify a KMS key in the KMS console, in the DescribeKey operation and in cryptographic operations ,such as Encrypt and GenerateDataKey . You can also change the KMS key that's associated with the alias ( UpdateAlias ) or delete the alias ( DeleteAlias ) at any time. These operations don't affect the underlying KMS key. You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases. A valid KMS key is required. You can't create an alias without a KMS key. The alias must be unique in the account and Region, but you can have aliases with the same name in different Regions Args: hub: ctx: name(Text): Specifies the alias name. This value must begin with alias/ followed by a name, such as alias/ExampleAlias. The AliasName value must be string of 1-256 characters. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-). The alias name cannot begin with alias/aws/ . The alias/aws/ prefix is reserved for Amazon Web Services managed keys . target_key_id(Text): Associates the alias with the specified customer managed key . The KMS key must be in the same Amazon Web Services Region. A valid key ID is required. If you supply a null or empty string value, this operation returns an error. resource_id(Text, optional): alias name used to identify a KMS key Request Syntax: [kms-alias-name]: aws.kms.alias.present: - target_key_id: 'string' - resource_id: 'string' Returns: Dict[str, Any] Examples: .. code-block:: sls alias/eks_cluster_key: aws.kms.alias.present: - target_key_id: 1234abcd-12ab-34cd-56ef-1234567890ab - resource_id: alias/eks_cluster_key
Full plugin documentation is available on the Idem documentation site - aws.kms.alias .