Is your feature request related to a problem? Please describe.
aws_kms_key doesn't expose KeyLastUsage returned by GetKeyLastUsage API. This information could help to decide whether the key is unused or not, especially when deciding KMS key in Pending Deletion state is safe to ignore or not.
Describe the solution you'd like
Add key_last_usage column of type timestamp with,
mapping to the KeyLastUsage.Timestampfield from GetKeyLastUsage API response.
SELECT id, key_last_usage
FROM aws_kms_key;
Describe alternatives you've considered
- New columns
key_last_usage (JSON) and key_tracking_start_date (timestamp with) to follow response structure of GetKeyLastUsage API. Below is the response structure.
{
"KeyCreationDate": number,
"KeyId": "string",
"KeyLastUsage": {
"CloudTrailEventId": "string",
"KmsRequestId": "string",
"Operation": "string",
"Timestamp": number
},
"TrackingStartDate": number
}
- New table
aws_kms_key_last_usage to retrieve full response from GetKeyLastUsage API.
Additional context
Is your feature request related to a problem? Please describe.
aws_kms_keydoesn't expose KeyLastUsage returned by GetKeyLastUsage API. This information could help to decide whether the key is unused or not, especially when deciding KMS key in Pending Deletion state is safe to ignore or not.Describe the solution you'd like
Add
key_last_usagecolumn of typetimestamp with,mapping to the
KeyLastUsage.Timestampfield fromGetKeyLastUsageAPI response.Describe alternatives you've considered
key_last_usage(JSON) andkey_tracking_start_date(timestamp with) to follow response structure ofGetKeyLastUsageAPI. Below is the response structure.{ "KeyCreationDate": number, "KeyId": "string", "KeyLastUsage": { "CloudTrailEventId": "string", "KmsRequestId": "string", "Operation": "string", "Timestamp": number }, "TrackingStartDate": number }aws_kms_key_last_usageto retrieve full response fromGetKeyLastUsageAPI.Additional context
GetKeyLastUsageAPI documentationhttps://docs.aws.amazon.com/kms/latest/APIReference/API_GetKeyLastUsage.html