class Aws::KMS::Types::GetParametersForImportRequest
@see docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetParametersForImportRequest AWS API Documentation
@return [String]
algorithm or choose a longer RSA public key.
ECC_NIST_P521 private key. Instead, use an RSA_AES wrapping
You cannot use an RSA_2048 public key to directly wrap an
Use the longest RSA wrapping key that is practical.
your key material during import.
this wrapping key with the specified wrapping algorithm to protect
The type of RSA public key to return in the response. You will use
@!attribute [rw] wrapping_key_spec
@return [String]<br>: docs.aws.amazon.com/kms/latest/developerguide/importing-keys-get-public-key-and-token.html#select-wrapping-algorithm<br><br><br><br>does not support the RSAES_PKCS1_V1_5 wrapping algorithm.
* RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS
RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key material.
You cannot use the RSAES_OAEP_SHA_1 wrapping algorithm with the
except RSA key material (private key).
* RSAES_OAEP_SHA_1 — Supported for all types of key material,
material.
the RSA_2048 wrapping key spec to wrap ECC_NIST_P521 key
You cannot use the RSAES_OAEP_SHA_256 wrapping algorithm with
material, except RSA key material (private key).
* RSAES_OAEP_SHA_256 — Supported for all types of key
ECC key material.
* RSA_AES_KEY_WRAP_SHA_1 — Supported for wrapping RSA and
ECC key material.
* RSA_AES_KEY_WRAP_SHA_256 — Supported for wrapping RSA and
must use an RSA_AES wrapping algorithm.
material that you are importing. To import an RSA private key, you
The wrapping algorithms that you can use depend on the type of key
key material directly with the RSA public key from KMS.
public key from KMS. For RSAES wrapping algorithms, you encrypt your
an AES key that you generate, then encrypt your AES key with the RSA
For RSA_AES wrapping algorithms, you encrypt your key material with
Management Service Developer Guide*.
information, see [Select a wrapping algorithm] in the *Key
the response to protect your key material during import. For more
The algorithm you will use with the RSA public key (‘PublicKey`) in
@!attribute [rw] wrapping_algorithm
@return [String]
DescribeKey.
To get the key ID and key ARN for a KMS key, use ListKeys or
`arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
* Key ARN:
* Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
For example:
Specify the key ID or key ARN of the KMS key.
key store.
However, you cannot import key material into a KMS key in a custom
All KMS key types are supported, including multi-Region keys.
`EXTERNAL`.
imported key material. The `Origin` of the KMS key must be
The identifier of the KMS key that will be associated with the
@!attribute [rw] key_id