Puppet Task: kms_aws_create_grant

Defined in:: tasks/kms_aws_create_grant.json,
tasks/kms_aws_create_grant.rb

Overview

Adds a grant to a customer master key (CMK). The grant specifies who can use the CMK and under what conditions. When setting permissions, grants are an alternative to key policies. To perform this operation on a CMK in a different AWS account, specify the key ARN in the value of the KeyId parameter. For more information about grants, see Grants in the AWS Key Management Service Developer Guide. The result of this operation varies with the key state of the CMK. For details, see How Key State Affects Use of a Customer Master Key in the AWS Key Management Service Developer Guide.

Supports noop? false

Parameters

grantee_principal (Optional[String[1]]) —
grant_tokens (Optional[String[1]]) —
key_id (Optional[String[1]]) —
name (Optional[String[1]]) —
operations (Optional[String[1]]) —
retiring_principal (Optional[String[1]]) —
constraints (Optional[String[1]]) —