EC2 / Client / get_ebs_default_kms_key_id



Describes the default KMS key for EBS encryption by default for your account in this Region. You can change the default KMS key for encryption by default using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId.

For more information, see Amazon EBS encryption in the Amazon Elastic Compute Cloud User Guide.

See also: AWS API Documentation

Request Syntax

response = client.get_ebs_default_kms_key_id(

DryRun (boolean) – Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

Return type:



Response Syntax

    'KmsKeyId': 'string'

Response Structure

  • (dict) –

    • KmsKeyId (string) –

      The Amazon Resource Name (ARN) of the default KMS key for encryption by default.