Payment Cryptography Key

Docs > DDSQL Reference > Data Directory > Payment Cryptography Key

This table represents the Payment Cryptography Key resource from Amazon Web Services.

aws.payment_cryptography_key

Fields

ID	Type	Data Type	Description
_key	core	string
account_id	core	string
create_timestamp	core	timestamp	The date and time when the key was created.
delete_pending_timestamp	core	timestamp	The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when <code>KeyState</code> is <code>DELETE_PENDING</code> and the key is scheduled for deletion.
delete_timestamp	core	timestamp	The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when when the <code>KeyState</code> is <code>DELETE_COMPLETE</code> and the Amazon Web Services Payment Cryptography key is deleted.
derive_key_usage	core	string	The cryptographic usage of an ECDH derived key as deﬁned in section A.5.2 of the TR-31 spec.
enabled	core	bool	Specifies whether the key is enabled.
exportable	core	bool	Specifies whether the key is exportable. This data is immutable after the key is created.
key_arn	core	string	The Amazon Resource Name (ARN) of the key.
key_attributes	core	json	The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.
key_check_value	core	string	The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.
key_check_value_algorithm	core	string	The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.
key_origin	core	string	The source of the key material. For keys created within Amazon Web Services Payment Cryptography, the value is <code>AWS_PAYMENT_CRYPTOGRAPHY</code>. For keys imported into Amazon Web Services Payment Cryptography, the value is <code>EXTERNAL</code>.
key_state	core	string	The state of key that is being created or deleted.
tags	core	hstore
usage_start_timestamp	core	timestamp	The date and time after which Amazon Web Services Payment Cryptography will start using the key material for cryptographic operations.
usage_stop_timestamp	core	timestamp	The date and time after which Amazon Web Services Payment Cryptography will stop using the key material for cryptographic operations.