CloudTrail.Client.
list_public_keys
(**kwargs)¶Returns all public keys whose private keys were used to sign the digest files within the specified time range. The public key is needed to validate digest files that were signed with its corresponding private key.
Note
CloudTrail uses different private and public key pairs per region. Each digest file is signed with a private key unique to its region. When you validate a digest file from a specific region, you must look in the same region for its corresponding public key.
See also: AWS API Documentation
Request Syntax
response = client.list_public_keys(
StartTime=datetime(2015, 1, 1),
EndTime=datetime(2015, 1, 1),
NextToken='string'
)
dict
Response Syntax
{
'PublicKeyList': [
{
'Value': b'bytes',
'ValidityStartTime': datetime(2015, 1, 1),
'ValidityEndTime': datetime(2015, 1, 1),
'Fingerprint': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Returns the objects or data listed below if successful. Otherwise, returns an error.
PublicKeyList (list) --
Contains an array of PublicKey objects.
Note
The returned public keys may have validity time ranges that overlap.
(dict) --
Contains information about a returned public key.
Value (bytes) --
The DER encoded public key value in PKCS#1 format.
ValidityStartTime (datetime) --
The starting time of validity of the public key.
ValidityEndTime (datetime) --
The ending time of validity of the public key.
Fingerprint (string) --
The fingerprint of the public key.
NextToken (string) --
Reserved for future use.
Exceptions
CloudTrail.Client.exceptions.InvalidTimeRangeException
CloudTrail.Client.exceptions.UnsupportedOperationException
CloudTrail.Client.exceptions.OperationNotPermittedException
CloudTrail.Client.exceptions.InvalidTokenException