AWS Key Management Service (kms)

2024-06-18

1 new action, 1 new condition

Additions

    Actions
  • DeriveSharedSecret
    • Description:  Controls permission to use the specified AWS KMS key to derive shared secrets
    • Access:  Write
    • Resources: 

      Name: key

      Required: Yes

    • Conditions: 

      kms:CallerAccount

      kms:KeyAgreementAlgorithm

      kms:RecipientAttestation:ImageSha384

      kms:RequestAlias

      kms:ViaService

    Conditions
  • kms:KeyAgreementAlgorithm
    • Description:  Filters access to the DeriveSharedSecret operation based on the value of the KeyAgreementAlgorithm parameter in the request
    • Type:  String