Interface CfnBucket.IEncryptionConfigurationProperty

Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.

Namespace: Amazon.CDK.AWS.S3

Assembly: Amazon.CDK.Lib.dll

Syntax (csharp)

public interface CfnBucket.IEncryptionConfigurationProperty

Syntax (vb)

Public Interface CfnBucket.IEncryptionConfigurationProperty

Remarks

If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then AWS KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner.

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-encryptionconfiguration.html

ExampleMetadata: fixture=_generated

Examples

// The code below shows an example of how to instantiate this type.
             // The values are placeholders you should change.
             using Amazon.CDK.AWS.S3;

             var encryptionConfigurationProperty = new EncryptionConfigurationProperty {
                 ReplicaKmsKeyId = "replicaKmsKeyId"
             };

Synopsis

Properties

ReplicaKmsKeyId

Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

Properties

ReplicaKmsKeyId

Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket.

string ReplicaKmsKeyId { get; }

Property Value

string

Remarks

Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see Asymmetric keys in AWS KMS in the AWS Key Management Service Developer Guide .

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-encryptionconfiguration.html#cfn-s3-bucket-encryptionconfiguration-replicakmskeyid