KMS.Client.update_key_description(**kwargs)¶Updates the description of a KMS key. To see the description of a KMS key, use DescribeKey.
The KMS key that you use for this operation must be in a compatible key state. For details, see Key states of KMS keys in the Key Management Service Developer Guide .
Cross-account use : No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.
Required permissions : kms:UpdateKeyDescription (key policy)
Related operations
See also: AWS API Documentation
Request Syntax
response = client.update_key_description(
KeyId='string',
Description='string'
)
[REQUIRED]
Updates the description of the specified KMS key.
Specify the key ID or key ARN of the KMS key.
For example:
1234abcd-12ab-34cd-56ef-1234567890abarn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890abTo get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
[REQUIRED]
New description for the KMS key.
None
Exceptions
KMS.Client.exceptions.NotFoundExceptionKMS.Client.exceptions.InvalidArnExceptionKMS.Client.exceptions.DependencyTimeoutExceptionKMS.Client.exceptions.KMSInternalExceptionKMS.Client.exceptions.KMSInvalidStateExceptionExamples
The following example updates the description of the specified KMS key.
response = client.update_key_description(
# The updated description.
Description='Example description that indicates the intended use of this KMS key.',
# The identifier of the KMS key whose description you are updating. You can use the key ID or the Amazon Resource Name (ARN) of the KMS key.
KeyId='1234abcd-12ab-34cd-56ef-1234567890ab',
)
print(response)
Expected Output:
{
'ResponseMetadata': {
'...': '...',
},
}