Queries the details of a key for an ApsaraDB for MongoDB instance.

Usage

When you call the DescribeDBInstanceEncryptionKey operation, the instance must have transparent data encryption (TDE) enabled in BYOK mode. You can call the ModifyDBInstanceTDE operation to enable TDE.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeDBInstanceEncryptionKey

The operation that you want to perform. Set the value to DescribeDBInstanceEncryptionKey.

RegionId String No cn-hangzhou

The region ID the instance. You can call the DescribeDBInstanceAttribute operation to query the region ID of the instance.

DBInstanceId String Yes dds-bp2235****

The ID of the instance.

TargetRegionId String No cn-hangzhou-h

The zone ID of the instance. You can call the DescribeDBInstanceAttribute operation to query the zone ID of the instance.

EncryptionKey String No 2axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

The custom key for the instance. You can call the DescribeUserEncryptionKeyList operation to query the list of custom keys for an ApsaraDB for MongoDB instance.

Response parameters

Parameter Type Example Description
Origin String Aliyun_KMS

The source of the key for the instance.

Description String key description example

The description of the key for the instance.

RequestId String 783C2062-A2D3-4EA8-88AD-E43F990C23BB

The ID of the request.

EncryptionKeyStatus String Enabled

Indicates whether the key for the instance is enabled. Valid values:

  • Enabled
  • Disabled
MaterialExpireTime String 2020-07-06T18:22:03Z

The expiration time of the key for the instance. The time is displayed in UTC. If the value is empty, the key for the instance will not expire.

KeyUsage String ENCRYPT/DECRYPT

The purpose of the key for the instance.

EncryptionKey String 2axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

The key for the instance.

Creator String 123456

The UID of the key creator.

DeleteDate String 2020-07-06T18:22:03Z

The scheduled time when the key for the instance will be deleted. If the value is empty, the key will not be deleted.

Examples

Sample requests

http(s)://mongodb.aliyuncs.com/?Action=DescribeDBInstanceEncryptionKey
&DBInstanceId=dds-bp2235****
&EncryptionKey=2axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
&<Common request parameters>

Sample responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribeDBInstanceEncryptionKeyResponse>
    <Origin>Aliyun_KMS</Origin>
    <Description>key description example</Description>
    <RequestId>783C2062-A2D3-4EA8-88AD-E43F990C23BB</RequestId>
    <EncryptionKeyStatus>Enabled</EncryptionKeyStatus>
    <MaterialExpireTime>2020-07-06T18:22:03Z</MaterialExpireTime>
    <KeyUsage>ENCRYPT/DECRYPT</KeyUsage>
    <EncryptionKey>2axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</EncryptionKey>
    <Creator>123456</Creator>
    <DeleteDate>2020-07-06T18:22:03Z</DeleteDate>
</DescribeDBInstanceEncryptionKeyResponse>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "Origin" : "Aliyun_KMS",
  "Description" : "key description example",
  "RequestId" : "783C2062-A2D3-4EA8-88AD-E43F990C23BB",
  "EncryptionKeyStatus" : "Enabled",
  "MaterialExpireTime" : "2020-07-06T18:22:03Z",
  "KeyUsage" : "ENCRYPT/DECRYPT",
  "EncryptionKey" : "2axxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
  "Creator" : "123456",
  "DeleteDate" : "2020-07-06T18:22:03Z"
}

Error codes

For a list of error codes, visit the API Error Center.