Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.KMS.DisableKeyRotation

Contents

Creating a Request
Request Lenses
Destructuring the Response

Description

Disables automatic rotation of the key material of the specified symmetric encryption KMS key.

Automatic key rotation is supported only on symmetric encryption KMS keys. You cannot enable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To enable or disable automatic rotation of a set of related multi-Region keys, set the property on the primary key.

You can enable (EnableKeyRotation) and disable automatic rotation of the key material in customer managed KMS keys. Key material rotation of Amazon Web Services managed KMS keys is not configurable. KMS always rotates the key material for every year. Rotation of Amazon Web Services owned KMS keys varies.

In May 2022, KMS changed the rotation schedule for Amazon Web Services managed keys from every three years to every year. For details, see EnableKeyRotation.

The KMS key that you use for this operation must be in a compatible key state. For details, see Key states of KMS keys in the Key Management Service Developer Guide.

Cross-account use: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.

Required permissions: kms:DisableKeyRotation (key policy)

Related operations:

EnableKeyRotation
GetKeyRotationStatus

Synopsis

data DisableKeyRotation = DisableKeyRotation' {
- keyId :: Text
}
newDisableKeyRotation :: Text -> DisableKeyRotation
disableKeyRotation_keyId :: Lens' DisableKeyRotation Text
data DisableKeyRotationResponse = DisableKeyRotationResponse' {
}
newDisableKeyRotationResponse :: DisableKeyRotationResponse

Creating a Request

data DisableKeyRotation Source #

See: newDisableKeyRotation smart constructor.

Constructors

DisableKeyRotation'

Fields

keyId :: Text
Identifies a symmetric encryption KMS key. You cannot enable or disable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store.
Specify the key ID or key ARN of the KMS key.
For example:
- Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
- Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

Instances

Instances details

ToJSON DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods toJSON :: DisableKeyRotation -> Value # toEncoding :: DisableKeyRotation -> Encoding # toJSONList :: [DisableKeyRotation] -> Value # toEncodingList :: [DisableKeyRotation] -> Encoding #
ToHeaders DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods toHeaders :: DisableKeyRotation -> [Header] #
ToPath DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods toPath :: DisableKeyRotation -> ByteString #
ToQuery DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods toQuery :: DisableKeyRotation -> QueryString #
AWSRequest DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Associated Types type AWSResponse DisableKeyRotation # Methods request :: (Service -> Service) -> DisableKeyRotation -> Request DisableKeyRotation # response :: MonadResource m => (ByteStringLazy -> IO ByteStringLazy) -> Service -> Proxy DisableKeyRotation -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse DisableKeyRotation))) #
Generic DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Associated Types type Rep DisableKeyRotation :: Type -> Type # Methods from :: DisableKeyRotation -> Rep DisableKeyRotation x # to :: Rep DisableKeyRotation x -> DisableKeyRotation #
Read DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods readsPrec :: Int -> ReadS DisableKeyRotation # readList :: ReadS [DisableKeyRotation] # readPrec :: ReadPrec DisableKeyRotation # readListPrec :: ReadPrec [DisableKeyRotation] #
Show DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods showsPrec :: Int -> DisableKeyRotation -> ShowS # show :: DisableKeyRotation -> String # showList :: [DisableKeyRotation] -> ShowS #
NFData DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods rnf :: DisableKeyRotation -> () #
Eq DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods (==) :: DisableKeyRotation -> DisableKeyRotation -> Bool # (/=) :: DisableKeyRotation -> DisableKeyRotation -> Bool #
Hashable DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods hashWithSalt :: Int -> DisableKeyRotation -> Int # hash :: DisableKeyRotation -> Int #
type AWSResponse DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation type AWSResponse DisableKeyRotation = DisableKeyRotationResponse
type Rep DisableKeyRotation Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation type Rep DisableKeyRotation = D1 ('MetaData "DisableKeyRotation" "Amazonka.KMS.DisableKeyRotation" "amazonka-kms-2.0-6YhT3Ymbf9Z5PoaGoz7tbG" 'False) (C1 ('MetaCons "DisableKeyRotation'" 'PrefixI 'True) (S1 ('MetaSel ('Just "keyId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))

newDisableKeyRotation Source #

Arguments

:: Text	`DisableKeyRotation`
-> DisableKeyRotation

Create a value of DisableKeyRotation with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

DisableKeyRotation, disableKeyRotation_keyId - Identifies a symmetric encryption KMS key. You cannot enable or disable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

Request Lenses

disableKeyRotation_keyId :: Lens' DisableKeyRotation Text Source #

Identifies a symmetric encryption KMS key. You cannot enable or disable automatic rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store.

Specify the key ID or key ARN of the KMS key.

For example:

Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.

Destructuring the Response

data DisableKeyRotationResponse Source #

See: newDisableKeyRotationResponse smart constructor.

Constructors

DisableKeyRotationResponse'

Instances

Instances details

Generic DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Associated Types type Rep DisableKeyRotationResponse :: Type -> Type # Methods from :: DisableKeyRotationResponse -> Rep DisableKeyRotationResponse x # to :: Rep DisableKeyRotationResponse x -> DisableKeyRotationResponse #
Read DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods readsPrec :: Int -> ReadS DisableKeyRotationResponse # readList :: ReadS [DisableKeyRotationResponse] # readPrec :: ReadPrec DisableKeyRotationResponse # readListPrec :: ReadPrec [DisableKeyRotationResponse] #
Show DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods showsPrec :: Int -> DisableKeyRotationResponse -> ShowS # show :: DisableKeyRotationResponse -> String # showList :: [DisableKeyRotationResponse] -> ShowS #
NFData DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods rnf :: DisableKeyRotationResponse -> () #
Eq DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation Methods (==) :: DisableKeyRotationResponse -> DisableKeyRotationResponse -> Bool # (/=) :: DisableKeyRotationResponse -> DisableKeyRotationResponse -> Bool #
type Rep DisableKeyRotationResponse Source #
Instance details Defined in Amazonka.KMS.DisableKeyRotation type Rep DisableKeyRotationResponse = D1 ('MetaData "DisableKeyRotationResponse" "Amazonka.KMS.DisableKeyRotation" "amazonka-kms-2.0-6YhT3Ymbf9Z5PoaGoz7tbG" 'False) (C1 ('MetaCons "DisableKeyRotationResponse'" 'PrefixI 'False) (U1 :: Type -> Type))

newDisableKeyRotationResponse :: DisableKeyRotationResponse Source #

Create a value of DisableKeyRotationResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.