404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.136.11.217: ~ $
**Example 1: To edit the friendly name of a custom key store**

The following ``update-custom-key-store`` example changes the name of the custom key store. This example works for an AWS CloudHSM key store or an external key store.

Use the ``custom-key-store-id`` to identify the key store. Use the ``new-custom-key-store-name`` parameter to specify the new friendly name.

To update the friendly name of an AWS CloudHSM key store, you must first disconnect the key store, such as by using the ``disconnect-custom-key-store`` command. You can update the friendly name of an external key store while it is connected or disconnected. To find the connection state of your custom key store, use the ``describe-custom-key-store`` command. ::

    aws kms update-custom-key-store \
        --custom-key-store-id cks-1234567890abcdef0 \
        --new-custom-key-store-name ExampleKeyStore

This command does not return any data. To verify that the command worked, use a ``describe-custom-key-stores`` command.

For more information about updating an AWS CloudHSM key store, see `Editing AWS CloudHSM key store settings <https://docs.aws.amazon.com/kms/latest/developerguide/update-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

For more information about updating an external key store, see `Editing external key store properties <https://docs.aws.amazon.com/kms/latest/developerguide/update-xks-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

**Example 2: To edit the kmsuser password of an AWS CloudHSM key store**

The following ``update-custom-key-store`` example updates the value of the ``kmsuser`` password to the current password for the ``kmsuser`` in the CloudHSM cluster associated with the specified key store. This command doesn't change the ``kmsuser`` password it the cluster. It just tells AWS KMS the current password. If KMS doesn't have the current ``kmsuser`` password, it cannot connect to the AWS CloudHSM key store.

**NOTE:** Before updating an AWS CloudHSM key store, you must disconnect it. Use the ``disconnect-custom-key-store`` command. After the command completes, you can reconnect the AWS CloudHSM key store. Use the ``connect-custom-key-store`` command. ::

    aws kms update-custom-key-store \
        --custom-key-store-id cks-1234567890abcdef0 \
        --key-store-password ExamplePassword

This command does not return any output. To verify that the change was effective, use a ``describe-custom-key-stores`` command. 

For more information about updating an AWS CloudHSM key store, see `Editing AWS CloudHSM key store settings <https://docs.aws.amazon.com/kms/latest/developerguide/update-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

**Example 3: To edit the AWS CloudHSM cluster of an AWS CloudHSM key store**

The following example changes the AWS CloudHSM cluster that is associated with an AWS CloudHSM key store to a related cluster, such as a different backup of the same cluster. 

**NOTE:** Before updating an AWS CloudHSM key store, you must disconnect it. Use the ``disconnect-custom-key-store`` command. After the command completes, you can reconnect the AWS CloudHSM key store. Use the ``connect-custom-key-store`` command. ::

    aws kms update-custom-key-store \
        --custom-key-store-id cks-1234567890abcdef0 \
        --cloud-hsm-cluster-id cluster-1a23b4cdefg

This command does not return any output. To verify that the change was effective, use a ``describe-custom-key-stores`` command. 

For more information about updating an AWS CloudHSM key store, see `Editing AWS CloudHSM key store settings <https://docs.aws.amazon.com/kms/latest/developerguide/update-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

**Example 4: To edit the proxy authentication credential of an external key store**

The following example updates the proxy authentication credential for your external key store. You must specify both the ``raw-secret-access-key`` and the ``access-key-id``, even if you are changing only one of the values. You can use this feature to fix an invalid credential or to change the credential when the external key store proxy rotates it.

Establish the proxy authentication credential for AWS KMS on your external key store. Then use this command to provide the credential to AWS KMS. AWS KMS uses this credential to sign its requests to your external key store proxy.

You can update the proxy authentication credential while the external key store is connected or disconnected. To find the connection state of your custom key store, use the ``describe-custom-key-store`` command. ::

    aws kms update-custom-key-store \
        --custom-key-store-id cks-1234567890abcdef0 \
        --xks-proxy-authentication-credential "AccessKeyId=ABCDE12345670EXAMPLE, RawSecretAccessKey=DXjSUawnel2fr6SKC7G25CNxTyWKE5PF9XX6H/u9pSo="

This command does not return any output. To verify that the change was effective, use a ``describe-custom-key-stores`` command. 

For more information about updating an external key store, see `Editing external key store properties <https://docs.aws.amazon.com/kms/latest/developerguide/update-xks-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

**Example 5: To edit the proxy connectivity of an external key store**

The following example changes the external key store proxy connectivity option from public endpoint connectivity to VPC endpoint service connectivity. In addition to changing the ``xks-proxy-connectivity`` value, you must change the ``xks-proxy-uri-endpoint`` value to reflect the private DNS name associated with the VPC endpoint service. You must also add an ``xks-proxy-vpc-endpoint-service-name`` value.

**NOTE:** Before updating the proxy connectivity of an external store, you must disconnect it. Use the ``disconnect-custom-key-store`` command. After the command completes, you can reconnect the external key store by using the ``connect-custom-key-store`` command. ::

    aws kms update-custom-key-store \
        --custom-key-store-id cks-1234567890abcdef0 \
        --xks-proxy-connectivity VPC_ENDPOINT_SERVICE \
        --xks-proxy-uri-endpoint "https://myproxy-private.xks.example.com" \
        --xks-proxy-vpc-endpoint-service-name "com.amazonaws.vpce.us-east-1.vpce-svc-example"

This command does not return any output. To verify that the change was effective, use a ``describe-custom-key-stores`` command. 

For more information about updating an external key store, see `Editing external key store properties <https://docs.aws.amazon.com/kms/latest/developerguide/update-xks-keystore.html>`__ in the *AWS Key Management Service Developer Guide*.

Filemanager

Name Type Size Permission Actions
cancel-key-deletion.rst File 884 B 0644
connect-custom-key-store.rst File 1.08 KB 0755
create-alias.rst File 729 B 0644
create-custom-key-store.rst File 3.75 KB 0755
create-grant.rst File 1.18 KB 0755
create-key.rst File 12.17 KB 0644
decrypt.rst File 4.44 KB 0644
delete-alias.rst File 502 B 0644
delete-custom-key-store.rst File 1.47 KB 0755
delete-imported-key-material.rst File 656 B 0644
describe-custom-key-stores.rst File 5.32 KB 0755
describe-key.rst File 5.76 KB 0644
disable-key-rotation.rst File 679 B 0644
disable-key.rst File 503 B 0644
disconnect-custom-key-store.rst File 1.25 KB 0644
enable-key-rotation.rst File 708 B 0644
enable-key.rst File 1.02 KB 0644
encrypt.rst File 3.47 KB 0644
generate-data-key-pair-without-plaintext.rst File 1.66 KB 0644
generate-data-key-pair.rst File 1.73 KB 0644
generate-data-key-without-plaintext.rst File 1.35 KB 0644
generate-data-key.rst File 3.17 KB 0644
generate-random.rst File 3.16 KB 0644
get-key-policy.rst File 956 B 0644
get-key-rotation-status.rst File 656 B 0644
get-parameters-for-import.rst File 1.36 KB 0644
get-public-key.rst File 2.31 KB 0644
import-key-material.rst File 1.51 KB 0644
list-aliases.rst File 2.72 KB 0755
list-grants.rst File 2.55 KB 0755
list-key-policies.rst File 926 B 0644
list-keys.rst File 1.04 KB 0644
list-resource-tags.rst File 980 B 0644
list-retirable-grants.rst File 2.92 KB 0644
put-key-policy.rst File 3.44 KB 0755
re-encrypt.rst File 3.82 KB 0644
retire-grant.rst File 810 B 0644
revoke-grant.rst File 776 B 0644
schedule-key-deletion.rst File 1.44 KB 0644
sign.rst File 3.08 KB 0644
tag-resource.rst File 891 B 0644
untag-resource.rst File 836 B 0644
update-alias.rst File 814 B 0644
update-custom-key-store.rst File 6.61 KB 0755
update-key-description.rst File 1.85 KB 0644
verify.rst File 1.38 KB 0644