KmsEncryptionSettings
A structure that contains the KMS encryption configuration for the policy store. The encryption settings determine what customer-managed KMS key will be used to encrypt all resources within the policy store, and any user-defined context key-value pairs to append during encryption processes.
This data type is used as a field that is part of the EncryptionSettings type.
Contents
Note
In the following list, the required parameters are described first.
- key
-
The customer-managed KMS key Amazon Resource Name (ARN), alias or ID to be used for encryption processes.
Users can provide the full KMS key ARN, a KMS key alias, or a KMS key ID, but it will be mapped to the full KMS key ARN after policy store creation, and referenced when encrypting child resources.
Type: String
Pattern:
[a-zA-Z0-9:/_-]+Required: Yes
- encryptionContext
-
User-defined, additional context to be added to encryption processes.
Type: String to string map
Map Entries: Minimum number of 0 items. Maximum number of 8192 items.
Key Length Constraints: Minimum length of 1.
Value Length Constraints: Minimum length of 1.
Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
