/AWS1/CL_VPSKMSENCSETTINGS¶
A structure that contains the KMS encryption configuration for the policy store. The encryption settings determine what customer-managed KMS key will be used to encrypt all resources within the policy store, and any user-defined context key-value pairs to append during encryption processes.
This data type is used as a field that is part of the EncryptionSettings type.
CONSTRUCTOR¶
IMPORTING¶
Required arguments:¶
iv_key TYPE /AWS1/VPSKMSKEY /AWS1/VPSKMSKEY¶
The customer-managed KMS key Amazon Resource Name (ARN), alias or ID to be used for encryption processes.
Users can provide the full KMS key ARN, a KMS key alias, or a KMS key ID, but it will be mapped to the full KMS key ARN after policy store creation, and referenced when encrypting child resources.
Optional arguments:¶
it_encryptioncontext TYPE /AWS1/CL_VPSENCCONTEXT_W=>TT_ENCRYPTIONCONTEXT TT_ENCRYPTIONCONTEXT¶
User-defined, additional context to be added to encryption processes.
Queryable Attributes¶
key¶
The customer-managed KMS key Amazon Resource Name (ARN), alias or ID to be used for encryption processes.
Users can provide the full KMS key ARN, a KMS key alias, or a KMS key ID, but it will be mapped to the full KMS key ARN after policy store creation, and referenced when encrypting child resources.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_KEY() |
Getter for KEY, with configurable default |
ASK_KEY() |
Getter for KEY w/ exceptions if field has no value |
HAS_KEY() |
Determine if KEY has a value |
encryptionContext¶
User-defined, additional context to be added to encryption processes.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ENCRYPTIONCONTEXT() |
Getter for ENCRYPTIONCONTEXT, with configurable default |
ASK_ENCRYPTIONCONTEXT() |
Getter for ENCRYPTIONCONTEXT w/ exceptions if field has no v |
HAS_ENCRYPTIONCONTEXT() |
Determine if ENCRYPTIONCONTEXT has a value |