ibm 1.85.0 published on Sunday, Nov 9, 2025 by ibm-cloud
ibm 1.85.0 published on Sunday, Nov 9, 2025 by ibm-cloud
Import the details of existing Key Protect and Hyper Protect Crypto Service (HPCS) keys policies as a read-only data source. You can then reference the fields of the data source in other resources within the same configuration using interpolation syntax. Retreives a list of key policies from the hs-crypto or key-protect instance for the provided key id.
Using getKmsKeyPolicies
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getKmsKeyPolicies(args: GetKmsKeyPoliciesArgs, opts?: InvokeOptions): Promise<GetKmsKeyPoliciesResult>
function getKmsKeyPoliciesOutput(args: GetKmsKeyPoliciesOutputArgs, opts?: InvokeOptions): Output<GetKmsKeyPoliciesResult>def get_kms_key_policies(alias: Optional[str] = None,
endpoint_type: Optional[str] = None,
id: Optional[str] = None,
instance_id: Optional[str] = None,
key_id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetKmsKeyPoliciesResult
def get_kms_key_policies_output(alias: Optional[pulumi.Input[str]] = None,
endpoint_type: Optional[pulumi.Input[str]] = None,
id: Optional[pulumi.Input[str]] = None,
instance_id: Optional[pulumi.Input[str]] = None,
key_id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetKmsKeyPoliciesResult]func LookupKmsKeyPolicies(ctx *Context, args *LookupKmsKeyPoliciesArgs, opts ...InvokeOption) (*LookupKmsKeyPoliciesResult, error)
func LookupKmsKeyPoliciesOutput(ctx *Context, args *LookupKmsKeyPoliciesOutputArgs, opts ...InvokeOption) LookupKmsKeyPoliciesResultOutput> Note: This function is named LookupKmsKeyPolicies in the Go SDK.
public static class GetKmsKeyPolicies
{
public static Task<GetKmsKeyPoliciesResult> InvokeAsync(GetKmsKeyPoliciesArgs args, InvokeOptions? opts = null)
public static Output<GetKmsKeyPoliciesResult> Invoke(GetKmsKeyPoliciesInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetKmsKeyPoliciesResult> getKmsKeyPolicies(GetKmsKeyPoliciesArgs args, InvokeOptions options)
public static Output<GetKmsKeyPoliciesResult> getKmsKeyPolicies(GetKmsKeyPoliciesArgs args, InvokeOptions options)
fn::invoke:
function: ibm:index/getKmsKeyPolicies:getKmsKeyPolicies
arguments:
# arguments dictionaryThe following arguments are supported:
- Instance
Id string - The keyprotect instance guid.
- Alias string
- The alias of the key.
- Endpoint
Type string - The type of the public or private endpoint to be used for fetching keys.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Key
Id string - The id of the key.
- Instance
Id string - The keyprotect instance guid.
- Alias string
- The alias of the key.
- Endpoint
Type string - The type of the public or private endpoint to be used for fetching keys.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Key
Id string - The id of the key.
- instance
Id String - The keyprotect instance guid.
- alias String
- The alias of the key.
- endpoint
Type String - The type of the public or private endpoint to be used for fetching keys.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- key
Id String - The id of the key.
- instance
Id string - The keyprotect instance guid.
- alias string
- The alias of the key.
- endpoint
Type string - The type of the public or private endpoint to be used for fetching keys.
- id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- key
Id string - The id of the key.
- instance_
id str - The keyprotect instance guid.
- alias str
- The alias of the key.
- endpoint_
type str - The type of the public or private endpoint to be used for fetching keys.
- id str
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- key_
id str - The id of the key.
- instance
Id String - The keyprotect instance guid.
- alias String
- The alias of the key.
- endpoint
Type String - The type of the public or private endpoint to be used for fetching keys.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- key
Id String - The id of the key.
getKmsKeyPolicies Result
The following output properties are available:
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Instance
Id string - Policies
List<Get
Kms Key Policies Policy> - Alias string
- (String) The alias of the key.
- Endpoint
Type string - Key
Id string - (String) The ID of the key.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Instance
Id string - Policies
[]Get
Kms Key Policies Policy - Alias string
- (String) The alias of the key.
- Endpoint
Type string - Key
Id string - (String) The ID of the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- instance
Id String - policies
List<Get
Kms Key Policies Policy> - alias String
- (String) The alias of the key.
- endpoint
Type String - key
Id String - (String) The ID of the key.
- id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- instance
Id string - policies
Get
Kms Key Policies Policy[] - alias string
- (String) The alias of the key.
- endpoint
Type string - key
Id string - (String) The ID of the key.
- id str
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- instance_
id str - policies
Sequence[Get
Kms Key Policies Policy] - alias str
- (String) The alias of the key.
- endpoint_
type str - key_
id str - (String) The ID of the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- instance
Id String - policies List<Property Map>
- alias String
- (String) The alias of the key.
- endpoint
Type String - key
Id String - (String) The ID of the key.
Supporting Types
GetKmsKeyPoliciesPolicy
- Dual
Auth List<GetDeletes Kms Key Policies Policy Dual Auth Delete> - (List) The data associated with the dual authorization delete policy.
- Rotations
List<Get
Kms Key Policies Policy Rotation> - (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
- Dual
Auth []GetDeletes Kms Key Policies Policy Dual Auth Delete - (List) The data associated with the dual authorization delete policy.
- Rotations
[]Get
Kms Key Policies Policy Rotation - (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
- dual
Auth List<GetDeletes Kms Key Policies Policy Dual Auth Delete> - (List) The data associated with the dual authorization delete policy.
- rotations
List<Get
Kms Key Policies Policy Rotation> - (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
- dual
Auth GetDeletes Kms Key Policies Policy Dual Auth Delete[] - (List) The data associated with the dual authorization delete policy.
- rotations
Get
Kms Key Policies Policy Rotation[] - (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
- dual_
auth_ Sequence[Getdeletes Kms Key Policies Policy Dual Auth Delete] - (List) The data associated with the dual authorization delete policy.
- rotations
Sequence[Get
Kms Key Policies Policy Rotation] - (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
- dual
Auth List<Property Map>Deletes - (List) The data associated with the dual authorization delete policy.
- rotations List<Property Map>
- (List) The key rotation time interval in months, with a minimum of 1, and a maximum of 12.
GetKmsKeyPoliciesPolicyDualAuthDelete
- Created
By string - (String) The unique ID for the resource that created the policy.
- Creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- Crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- Enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- Updated
By string - (String) The unique ID for the resource that updated the policy.
- Created
By string - (String) The unique ID for the resource that created the policy.
- Creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- Crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- Enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- Updated
By string - (String) The unique ID for the resource that updated the policy.
- created
By String - (String) The unique ID for the resource that created the policy.
- creation
Date String - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn String
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled Boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- last
Update StringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By String - (String) The unique ID for the resource that updated the policy.
- created
By string - (String) The unique ID for the resource that created the policy.
- creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By string - (String) The unique ID for the resource that updated the policy.
- created_
by str - (String) The unique ID for the resource that created the policy.
- creation_
date str - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn str
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id str
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- last_
update_ strdate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated_
by str - (String) The unique ID for the resource that updated the policy.
- created
By String - (String) The unique ID for the resource that created the policy.
- creation
Date String - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn String
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled Boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- last
Update StringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By String - (String) The unique ID for the resource that updated the policy.
GetKmsKeyPoliciesPolicyRotation
- Created
By string - (String) The unique ID for the resource that created the policy.
- Creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- Crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- Enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Interval
Month double - (Int) The key rotation time interval in months.
- Last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- Updated
By string - (String) The unique ID for the resource that updated the policy.
- Created
By string - (String) The unique ID for the resource that created the policy.
- Creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- Crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- Enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- Id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- Interval
Month float64 - (Int) The key rotation time interval in months.
- Last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- Updated
By string - (String) The unique ID for the resource that updated the policy.
- created
By String - (String) The unique ID for the resource that created the policy.
- creation
Date String - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn String
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled Boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- interval
Month Double - (Int) The key rotation time interval in months.
- last
Update StringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By String - (String) The unique ID for the resource that updated the policy.
- created
By string - (String) The unique ID for the resource that created the policy.
- creation
Date string - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn string
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id string
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- interval
Month number - (Int) The key rotation time interval in months.
- last
Update stringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By string - (String) The unique ID for the resource that updated the policy.
- created_
by str - (String) The unique ID for the resource that created the policy.
- creation_
date str - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn str
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled bool
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id str
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- interval_
month float - (Int) The key rotation time interval in months.
- last_
update_ strdate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated_
by str - (String) The unique ID for the resource that updated the policy.
- created
By String - (String) The unique ID for the resource that created the policy.
- creation
Date String - (Timestamp) The date the policy was created. The date format follows RFC 3339.
- crn String
- (String) The Cloud Resource Name (CRN) that uniquely identifies your cloud resources.
- enabled Boolean
- (Bool) If set to true, Key Protect enables a dual authorization policy on the key.
- id String
- (String) The v4 UUID used to uniquely identify the policy resource, as specified by RFC 4122.
- interval
Month Number - (Int) The key rotation time interval in months.
- last
Update StringDate - (Timestamp) The date when the policy last replaced or modified. The date format follows RFC 3339.
- updated
By String - (String) The unique ID for the resource that updated the policy.
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.
ibm 1.85.0 published on Sunday, Nov 9, 2025 by ibm-cloud
