Interface CfnStateMachine.IEncryptionConfigurationProperty
Settings to configure server-side encryption for a state machine.
Namespace: Amazon.CDK.AWS.StepFunctions
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface CfnStateMachine.IEncryptionConfigurationPropertySyntax (vb)
Public Interface CfnStateMachine.IEncryptionConfigurationPropertyRemarks
By default, Step Functions provides transparent server-side encryption. With this configuration, you can specify a customer managed AWS KMS key for encryption.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.StepFunctions;
var encryptionConfigurationProperty = new EncryptionConfigurationProperty {
Type = "type",
// the properties below are optional
KmsDataKeyReusePeriodSeconds = 123,
KmsKeyId = "kmsKeyId"
};Synopsis
Properties
| KmsDataKeyReusePeriodSeconds | Maximum duration that Step Functions will reuse data keys. |
| KmsKeyId | An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data. |
| Type | Encryption option for a state machine. |
Properties
KmsDataKeyReusePeriodSeconds
Maximum duration that Step Functions will reuse data keys.
double? KmsDataKeyReusePeriodSeconds { get; }Property Value
Remarks
When the period expires, Step Functions will call GenerateDataKey . Only applies to customer managed keys.
KmsKeyId
An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS KMS key to encrypt data.
string? KmsKeyId { get; }Property Value
Remarks
To specify a AWS KMS key in a different AWS account, you must use the key ARN or alias ARN.
Type
Encryption option for a state machine.
string Type { get; }