Interface CfnDataCatalogEncryptionSettings.ConnectionPasswordEncryptionProperty

All Superinterfaces:
software.amazon.jsii.JsiiSerializable
All Known Implementing Classes:
CfnDataCatalogEncryptionSettings.ConnectionPasswordEncryptionProperty.Jsii$Proxy
Enclosing class:
CfnDataCatalogEncryptionSettings

@Stability(Stable) public static interface CfnDataCatalogEncryptionSettings.ConnectionPasswordEncryptionProperty extends software.amazon.jsii.JsiiSerializable
The data structure used by the Data Catalog to encrypt the password as part of CreateConnection or UpdateConnection and store it in the ENCRYPTED_PASSWORD field in the connection properties.

You can enable catalog encryption or only password encryption.

When a CreationConnection request arrives containing a password, the Data Catalog first encrypts the password using your AWS KMS key. It then encrypts the whole connection object again if catalog encryption is also enabled.

This encryption requires that you set AWS KMS key permissions to enable or restrict access on the password key according to your security requirements. For example, you might want only administrators to have decrypt permission on the password key.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.glue.*;
 ConnectionPasswordEncryptionProperty connectionPasswordEncryptionProperty = ConnectionPasswordEncryptionProperty.builder()
         .kmsKeyId("kmsKeyId")
         .returnConnectionPasswordEncrypted(false)
         .build();
 

See Also: