Data Types
Last updated: 2025-12-04 15:44:26
AlgorithmInfo
Algorithm name and ID
Used by actions: ListAlgorithms.
| Name | Type | Description |
|---|---|---|
| KeyUsage | String | Algorithm ID |
| Algorithm | String | Algorithm name |
DataKey
Specifies the data key attribute.
Used by actions: ListDataKeys.
| Name | Type | Required | Description |
|---|---|---|---|
| DataKeyId | String | No | Globally unique id of DataKey. |
DataKeyMetadata
Specifies the data key attribute information.
Used by actions: DescribeDataKey, DescribeDataKeys, ListDataKeyDetail.
| Name | Type | Description |
|---|---|---|
| DataKeyId | String | DataKey globally unique id. |
| KeyId | String | Globally unique id of the CMK. |
| KeyName | String | CMK name. |
| DataKeyName | String | Key name as a more recognizable and understandable data key. |
| NumberOfBytes | Integer | Specifies the length of the data key in bytes. |
| CreateTime | Integer | Key key creation time. |
| Description | String | DataKey description. |
| KeyState | String | DataKey status. valid values: Enabled, Disabled, PendingDelete. |
| CreatorUin | Integer | Creator. |
| Owner | String | Specifies the creator of the data key. valid values: user (user-created) or product name (auto-created by authorized cloud services). |
| DeletionDate | Integer | The time when schedule deletion. |
| Origin | String | Specifies the key material type of DataKey. valid values: TENCENT_KMS (created by KMS), EXTERNAL (user import). |
| HsmClusterId | String | HSM cluster ID (only applicable to KMS exclusive/managed service instance). |
| ResourceId | String | Resource ID in the format of creatorUin/$creatorUin/$dataKeyId. |
| IsSyncReplica | Integer | Whether the key is a primary replica. valid values: 0 (primary), 1 (synced replica). |
| SourceRegion | String | Synchronous original region. |
| SyncStatus | Integer | The state of key synchronization. valid values: 0 (unsynced), 1 (synchronization successful), 2 (synchronization failed), 3 (synchronizing). |
| SyncMessages | String | Sresult description}. |
| SyncStartTime | Integer | Start time of synchronization. |
| SyncEndTime | Integer | Specifies the synchronous end time. |
| SourceHsmClusterId | String | Synchronous original cluster. if empty, it is a public cloud public cluster. |
DestinationSyncConfig
Target region list of the sync task, including region and cluster information. if the cluster is empty, it means public cloud shared cluster. if the cluster is not empty, it means dedicated cluster.
Used by actions: GetServiceStatus.
| Name | Type | Required | Description |
|---|---|---|---|
| DestinationRegion | String | No | Specifies the target region of the synchronization task. |
| HsmClusterId | String | No | HsmClusterId being empty indicates public cloud shared version. if not empty, it indicates exclusive edition cluster in the region. |
DeviceFingerprint
Device fingerprint
Used by actions: DescribeWhiteBoxDeviceFingerprints, OverwriteWhiteBoxDeviceFingerprints.
| Name | Type | Required | Description |
|---|---|---|---|
| Identity | String | Yes | Fingerprint information collected by device fingerprint collector. Its format must be in the following regular expression: ^[0-9a-f]{8}[-][0-9a-f]{14}[-][0-9a-f]{14}[-][0-9a-f]{14}[-][0-9a-f]{16}$ |
| Description | String | No | Description information, such as IP and device name, with a maximum of 1024 bytes. |
ExclusiveHSM
Exclusive edition cluster.
Used by actions: GetServiceStatus.
| Name | Type | Description |
|---|---|---|
| HsmClusterId | String | Dedicated cluster Id. |
| HsmClusterName | String | Dedicated cluster name. |
Key
Returned CMK list information
Used by actions: ListKeys.
| Name | Type | Description |
|---|---|---|
| KeyId | String | Globally unique CMK ID. |
KeyMetadata
CMK attribute information
Used by actions: DescribeKey, DescribeKeys, ListKeyDetail.
| Name | Type | Description |
|---|---|---|
| KeyId | String | Globally unique CMK ID |
| Alias | String | Alias that makes a key more recognizable and understandable |
| CreateTime | Integer | Key creation time |
| Description | String | CMK description |
| KeyState | String | CMK status. Valid values: Enabled, Disabled, PendingDelete, PendingImport, Archived. |
| KeyUsage | String | CMK purpose. Valid values: ENCRYPT_DECRYPT, ASYMMETRIC_DECRYPT_RSA_2048, ASYMMETRIC_DECRYPT_SM2, ASYMMETRIC_SIGN_VERIFY_SM2, ASYMMETRIC_SIGN_VERIFY_RSA_2048, and ASYMMETRIC_SIGN_VERIFY_ECC. |
| Type | Integer | CMK type. 2: FIPS-compliant; 4: SM-CRYPTO |
| CreatorUin | Integer | Creator |
| KeyRotationEnabled | Boolean | Whether key rotation is enabled |
| Owner | String | CMK creator. The value of this parameter is user if the CMK is created by the user, or the corresponding service name if it is created automatically by an authorized Tencent Cloud service. |
| NextRotateTime | Integer | Time of next rotation if key rotation is enabled |
| DeletionDate | Integer | The time when scheduled deletion occurs. |
| Origin | String | CMK key material type. the type created by KMS is TENCENT_KMS. the user-imported type is EXTERNAL. |
| ValidTo | Integer | Valid when Origin is EXTERNAL. indicates the validity date of the key material. 0 means no expiration. |
| ResourceId | String | Resource ID in the format of creatorUin/$creatorUin/$keyId. |
| HsmClusterId | String | HSM cluster ID (valid only for exclusive or managed version KMS service instances). |
| RotateDays | Integer | Key rotation period (days). |
| LastRotateTime | Integer | Last disorderly rotation time (Unix timestamp). |
| IsSyncReplica | Integer | Specifies whether the key is a primary replica. valid values: 0 (primary replica), 1 (synced replica). |
| SourceRegion | String | Synchronous original region. |
| SyncStatus | Integer | The state of key synchronization. valid values: 0 (unsynced), 1 (synchronization successful), 2 (synchronization failed), 3 (synchronizing). |
| SyncMessages | String | Describes the synchronous result. |
| SyncStartTime | Integer | Start time of synchronization. |
| SyncEndTime | Integer | Specifies the synchronous end time. |
| SourceHsmClusterId | String | Synchronous original cluster. if empty, it is a public cloud public cluster. |
Tag
Tag key and tag value
Used by actions: CreateKey, CreateWhiteBoxKey, GenerateDataKey, ImportDataKey.
| Name | Type | Required | Description |
|---|---|---|---|
| TagKey | String | Yes | Tag key |
| TagValue | String | Yes | Tag value |
TagFilter
Tag filter
Used by actions: DescribeWhiteBoxKeyDetails, ListDataKeyDetail, ListKeyDetail.
| Name | Type | Required | Description |
|---|---|---|---|
| TagKey | String | Yes | Tag key |
| TagValue | Array of String | No | Tag value |
WhiteboxKeyInfo
White-box key information
Used by actions: DescribeWhiteBoxKey, DescribeWhiteBoxKeyDetails.
| Name | Type | Description |
|---|---|---|
| KeyId | String | Globally unique white-box key ID |
| Alias | String | Unique alias that makes a key more recognizable and understandable. This parameter cannot be empty, can contain 1 to 60 letters, digits, hyphens (-), and underscores (_), and must begin with a letter or digit. |
| CreatorUin | Integer | Creator |
| Description | String | Key description information |
| CreateTime | Integer | Key creation time in Unix timestamp |
| Status | String | White-box key status. Valid values: Enabled, Disabled |
| OwnerUin | Integer | Creator |
| Algorithm | String | Key algorithm type |
| EncryptKey | String | Base64-encoded white-box encryption key |
| DecryptKey | String | Base64-encoded white-box decryption key |
| ResourceId | String | Resource ID in the format of creatorUin/$creatorUin/$keyId |
| DeviceFingerprintBind | Boolean | Specifies whether there is a device fingerprint bound to the current key. |
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback