Method list
Returns the list of symmetric KMS keys in the specified folder.
HTTP request
GET https://kms.api.cloud.yandex.net/kms/v1/keys
Query parameters
| Parameter | Description |
|---|---|
| folderId | Required. ID of the folder to list symmetric KMS keys in. The maximum string length in characters is 50. |
| pageSize | The maximum number of results per page to return. If the number of available results is larger than pageSize, the service returns a nextPageToken that can be used to get the next page of results in subsequent list requests. Default value: 100. The maximum value is 1000. |
| pageToken | Page token. To get the next page of results, set pageToken to the nextPageToken returned by a previous list request. The maximum string length in characters is 100. |
Response
HTTP Code: 200 - OK
{
"keys": [
{
"id": "string",
"folderId": "string",
"createdAt": "string",
"name": "string",
"description": "string",
"labels": "object",
"status": "string",
"primaryVersion": {
"id": "string",
"keyId": "string",
"status": "string",
"algorithm": "string",
"createdAt": "string",
"primary": true,
"destroyAt": "string",
"hostedByHsm": true
},
"defaultAlgorithm": "string",
"rotatedAt": "string",
"rotationPeriod": "string",
"deletionProtection": true
}
],
"nextPageToken": "string"
}
| Field | Description |
|---|---|
| keys[] | object A symmetric KMS key that may contain several versions of the cryptographic material. |
| keys[]. id |
string ID of the key. |
| keys[]. folderId |
string ID of the folder that the key belongs to. |
| keys[]. createdAt |
string (date-time) Time when the key was created. String in RFC3339 text format. |
| keys[]. name |
string Name of the key. |
| keys[]. description |
string Description of the key. |
| keys[]. labels |
object Custom labels for the key as |
| keys[]. status |
string Current status of the key. |
| keys[]. primaryVersion |
object Primary version of the key, used as the default for all encrypt/decrypt operations, when no version ID is specified. Symmetric KMS key version: metadata about actual cryptographic data. |
| keys[]. primaryVersion. id |
string ID of the key version. |
| keys[]. primaryVersion. keyId |
string ID of the symmetric KMS key that the version belongs to. |
| keys[]. primaryVersion. status |
string Status of the key version. Possible version status.
|
| keys[]. primaryVersion. algorithm |
string Encryption algorithm that should be used when using the key version to encrypt plaintext. Supported symmetric encryption algorithms.
|
| keys[]. primaryVersion. createdAt |
string (date-time) Time when the key version was created. String in RFC3339 text format. |
| keys[]. primaryVersion. primary |
boolean (boolean) Indication of a primary version, that is to be used by default for all cryptographic operations that don't have a key version explicitly specified. |
| keys[]. primaryVersion. destroyAt |
string (date-time) Time when the key version is going to be destroyed. Empty unless the status is String in RFC3339 text format. |
| keys[]. primaryVersion. hostedByHsm |
boolean (boolean) Indication of the version that is hosted by HSM. |
| keys[]. defaultAlgorithm |
string Default encryption algorithm to be used with new versions of the key. Supported symmetric encryption algorithms.
|
| keys[]. rotatedAt |
string (date-time) Time of the last key rotation (time when the last version was created). Empty if the key does not have versions yet. String in RFC3339 text format. |
| keys[]. rotationPeriod |
string Time period between automatic key rotations. |
| keys[]. deletionProtection |
boolean (boolean) Flag that inhibits deletion of the key |
| nextPageToken | string This token allows you to get the next page of results for list requests. If the number of results is greater than the specified pageSize, use the nextPageToken as the value for the pageToken query parameter in the next list request. Each subsequent list request will have its own nextPageToken to continue paging through the results. |