Queries details of a specific CMK.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeKey

The operation that you want to perform. Set the value to DescribeKey.

KeyId String Yes 1234abcd-12ab-34cd-56ef-12345678****

The globally unique ID of the CMK. This parameter can also be specified as an alias bound to the CMK. For more information, see Use aliases.

Response parameters

Parameter Type Example Description
RequestId String 3455b9b4-95c1-419d-b310-db6a53b09a39

The ID of the request.

KeyMetadata Struct

The metadata of the CMK.

CreationDate String 2016-03-25T10:42:40Z

The date and time the CMK was created. The time is displayed in UTC.

Description String key description example

The description of the CMK.

KeyId String 08c33a6f-4e0a-4a1b-a3fa-7ddf****

The globally unique ID of the CMK.

KeyState String Enabled

The status of the CMK. For more information, see Effects of CMK states on API operations.

KeyUsage String ENCRYPT/DECRYPT

The purpose of the CMK.

DeleteDate String 2020-07-06T18:22:03Z

The date and time the CMK is scheduled for deletion. For more information, see ScheduleKeyDeletion. This value is only returned if the value of the KeyState parameter is PendingDeletion.

Creator String 123456

The creator of the CMK.

Arn String acs:kms:cn-hangzhou:123456:key/08c33a6f-4e0a-4a1b-a3fa-7ddf****

The Alibaba Cloud Resource Name (ARN) of the CMK.

Origin String Aliyun_KMS

The source of the key material for the CMK.

MaterialExpireTime String 2020-07-06T18:22:03Z

The time and date the key material for the CMK expires. The time is displayed in UTC. If the value is empty, the key material for the CMK does not expire.

ProtectionLevel String SOFTWARE

The protection level of the CMK.

PrimaryKeyVersion String 0ec2d249-9f64-4d8f-9587-1215525e****

The ID of the current primary key version of the symmetric CMK. The primary key version of a CMK is an active encryption key. KMS uses the primary key version of a specified CMK to encrypt data. This parameter is unavailable for asymmetric CMKs.

LastRotationDate String 2019-06-06T18:22:03Z

The date and time the last rotation was performed. The time is displayed in UTC. For a newly created key, the value of this parameter is the date and time the initial version of the new key was generated.

AutomaticRotation String Enabled

Indicates whether automatic key rotation is enabled.

  • Enabled: Automatic rotation is enabled.
  • Disabled: Automatic rotation is disabled.
  • Suspended: KMS suspended the execution of automatic key rotation. For more information, see Automatic key rotation.

This parameter is only available for symmetric CMKs.

RotationInterval String 31536000s

The period of automatic key rotation. Unit: seconds. For example, the seven-day rotation period is 604800s. This value is only returned when the AutomaticRotation parameter is set to Enabled or Suspended.

NextRotationDate String 2020-07-06T18:22:03Z

The time the next rotation is scheduled for execution. This value is only returned when the AutomaticRotation parameter is set to Enabled or Suspended.

KeySpec String Aliyun_AES_256

The type of the CMK.

Examples

Sample requests

https://[Endpoint]/?Action=DescribeKey
&KeyId=1234abcd-12ab-34cd-56ef-12345678****
&<Common request parameters>

Sample success responses

XML format

<KMS>
    <KeyMetadata>
        <CreationDate>2016-03-25T10:42:40Z</CreationDate>
        <Description>key description example</Description>
        <KeyId>08c33a6f-4e0a-4a1b-a3fa-7ddf****</KeyId>
        <KeySpec>Aliyun_AES_256</KeySpec>
        <KeyState>Enabled</KeyState>
        <KeyUsage>ENCRYPT/DECRYPT</KeyUsage>
        <PrimaryKeyVersion>0ec2d249-9f64-4d8f-9587-1215525e****</PrimaryKeyVersion>
        <DeleteDate></DeleteDate>
        <Creator>123456</Creator>
        <Arn>acs:kms:cn-hangzhou:123456:key/08c33a6f-4e0a-4a1b-a3fa-7ddf****</Arn>
        <Origin>Aliyun_KMS</Origin>
        <MaterialExpireTime></MaterialExpireTime>
        <ProtectionLevel>SOFTWARE</ProtectionLevel>
        <LastRotationDate>2019-06-06T18:22:03Z</LastRotationDate>
        <AutomaticRotation>Enabled</AutomaticRotation>
        <RotationInterval>31536000s</RotationInterval>
        <NextRotationDate>2020-07-06T18:22:03Z</NextRotationDate>
    </KeyMetadata>
    <RequestId>3455b9b4-95c1-419d-b310-db6a53b09a39</RequestId>
</KMS>

JSON format

{
        "KeyMetadata": {
                "CreationDate": "2016-03-25T10:42:40Z",
                "Description": "key description example",
                "KeyId": "08c33a6f-4e0a-4a1b-a3fa-7ddf****",
                "KeySpec": "Aliyun_AES_256",
                "KeyState": "Enabled",
                "KeyUsage": "ENCRYPT/DECRYPT",
                "PrimaryKeyVersion": "0ec2d249-9f64-4d8f-9587-1215525e****",
                "DeleteDate": "",
                "Creator":"123456",
                "Arn":"acs:kms:cn-hangzhou:123456:key/08c33a6f-4e0a-4a1b-a3fa-7ddf****",
                "Origin":"Aliyun_KMS",
                "MaterialExpireTime":"",
                "ProtectionLevel":"SOFTWARE",
                "LastRotationDate": "2019-06-06T18:22:03Z",
                "AutomaticRotation": "Enabled",
                "RotationInterval": "31536000s",
                "NextRotationDate": "2020-07-06T18:22:03Z"
        },
        "RequestId": "3455b9b4-95c1-419d-b310-db6a53b09a39"
}

Error codes

For a list of error codes, visit the API Error Center.