ServerSideEncryptionUpdateDetails
Details about the most recent server-side encryption configuration update. When the server-side encryption configuration is changed, dependency on the old KMS key is removed through an asynchronous process. When this update is complete, the domain’s data can only be accessed using the new KMS key.
Contents
- Message
-
Message explaining the current UpdateStatus. When the UpdateStatus is FAILED, this message explains the cause of the failure.
Type: String
Length Constraints: Minimum length of 1.
Required: No
- OldKmsKeyId
-
The previous KMS key ID the domain was encrypted with, before ServerSideEncryptionConfiguration was updated to a new KMS key ID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 2048.
Required: No
- UpdateStatus
-
Status of the server-side encryption update. During an update, if there is an issue with the domain's current or old KMS key ID, such as an inaccessible or disabled key, then the status is FAILED. In order to resolve this, the key needs to be made accessible, and then an UpdateDomain call with the existing server-side encryption configuration will re-attempt this update process.
Type: String
Valid Values:
IN_PROGRESS | COMPLETED | FAILEDRequired: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
