KMS Grant

A KMS (Key Management Service) Grant in AWS allows for the specification of permissions for a grantee principal to use a customer master key (CMK). Grants are used to allow temporary access to KMS keys without the need to edit key policies or create separate AWS Identity and Access Management (IAM) policies. For more information on KMS Grants, visit the official AWS documentation.

Terraform Mappings:

  • aws_kms_grant.grant_id

Supported Methods

  • GET: Get a grant by keyID/grantId
  • LIST
  • SEARCH: Search grants by keyID

kms-key

KMS Grants are directly associated with KMS Keys, as they define permissions for accessing or using a specific KMS Key. Each grant is tied to a particular KMS Key and its operations.

iam-user

IAM Users can be grantees in a KMS Grant. This means that an IAM User might be granted specific permissions to use a KMS Key defined by the grant.

iam-role

IAM Roles act as grantees in a KMS Grant. A KMS Grant can provide an IAM Role with certain permissions to carry out operations using the specified KMS Key.
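
The kms-key, iam-user and iam-role links described above, worked through as an added example (not part of the original page or of any tool's own code): it takes grant records shaped like a KMS ListGrants response and derives the keyID/grantId lookup and the linked grantee for each. The sample records, the function names and the choice to flag CreateGrant for review are assumptions of this example.

```python
# Added example: link KMS grants to their key and grantee (not the page's own code).
# SAMPLE_GRANTS is constructed data shaped like a KMS ListGrants response.
KEY_ARN = "arn:aws:kms:eu-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
SAMPLE_GRANTS = [
    {"KeyId": KEY_ARN, "GrantId": "aaaa1111",
     "GranteePrincipal": "arn:aws:iam::111122223333:role/service/app-decrypt",
     "Operations": ["Decrypt"]},
    {"KeyId": KEY_ARN, "GrantId": "bbbb2222",
     "GranteePrincipal": "arn:aws:iam::111122223333:user/alice",
     "Operations": ["Encrypt", "CreateGrant"]},
    {"KeyId": KEY_ARN, "GrantId": "cccc3333",
     "GranteePrincipal": "dynamodb.eu-west-2.amazonaws.com",
     "Operations": ["Decrypt", "RetireGrant"]},
]

# Assumption of this example: grants that allow CreateGrant deserve a review,
# because the grantee can hand access to the key on to other principals.
REVIEW_OPERATIONS = {"CreateGrant"}


def classify_principal(principal):
    """Map a grantee principal string to (linked item type, name)."""
    parts = principal.split(":", 5)
    if parts[0] != "arn":
        return ("service-principal", principal)  # e.g. an AWS service
    if len(parts) < 6:
        return ("other", principal)  # malformed ARN, keep it visible
    kind, _, rest = parts[5].partition("/")
    name = rest.rsplit("/", 1)[-1]  # drop any IAM path prefix
    if parts[2] == "iam" and kind == "user":
        return ("iam-user", name)
    if parts[2] == "iam" and kind == "role":
        return ("iam-role", name)
    return ("other", parts[5])  # account root, assumed-role session, ...


def link_grant(grant):
    """Return the lookup key and linked items for one grant."""
    key_id = grant["KeyId"].rsplit("/", 1)[-1]  # accepts a key ARN or a bare ID
    item_type, name = classify_principal(grant["GranteePrincipal"])
    return {
        "lookup": f"{key_id}/{grant['GrantId']}",  # keyID/grantId, as used by GET
        "kms-key": key_id,
        "grantee": (item_type, name),
        "review": sorted(REVIEW_OPERATIONS & set(grant["Operations"])),
    }
```

Grantees that are neither an IAM user nor an IAM role (a service principal, the account root, an assumed-role session) come back under their own type, so they stay visible in an audit.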