-
Notifications
You must be signed in to change notification settings - Fork 35
/
key.yml
45 lines (45 loc) · 1017 Bytes
/
key.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
ROSTemplateFormatVersion: '2015-09-01'
Description:
zh-cn: 创建KMS密钥与别名,支持加密/解密,设定默认有效期与别名名称。
en: Create KMS keys with aliases, enabling encryption/decryption functionality,
and set default validity periods along with alias names.
Parameters:
KeyUsage:
Type: String
Default: ENCRYPT/DECRYPT
AllowedValues:
- ENCRYPT/DECRYPT
- SIGN/VERIFY
PendingWindowInDays:
Type: Number
Default: 7
MinValue: 7
MaxValue: 30
AliasName:
Type: String
Default: mytest
Resources:
Key:
Type: ALIYUN::KMS::Key
Properties:
KeyUsage:
Ref: KeyUsage
Enable: false
PendingWindowInDays:
Ref: PendingWindowInDays
Description: Test create key
Alias:
Type: ALIYUN::KMS::Alias
Properties:
KeyId:
Fn::GetAtt:
- Key
- KeyId
AliasName:
Fn::Sub: alias/${AliasName}
Outputs:
KeyId:
Value:
Fn::GetAtt:
- Key
- KeyId