Class CustomerManagedEncryptionConfiguration

java.lang.Object
software.amazon.jsii.JsiiObject
software.amazon.awscdk.services.stepfunctions.EncryptionConfiguration
software.amazon.awscdk.services.stepfunctions.CustomerManagedEncryptionConfiguration
All Implemented Interfaces:
software.amazon.jsii.JsiiSerializable

@Generated(value="jsii-pacmak/1.104.0 (build e79254c)", date="2024-11-27T16:51:05.914Z") @Stability(Stable) public class CustomerManagedEncryptionConfiguration extends EncryptionConfiguration
Define a new CustomerManagedEncryptionConfiguration.

Example:

 import software.amazon.awscdk.services.kms.*;
 import software.amazon.awscdk.*;
 Key kmsKey = new Key(this, "Key");
 StateMachine stateMachine = StateMachine.Builder.create(this, "StateMachineWithCMKEncryptionConfiguration")
         .stateMachineName("StateMachineWithCMKEncryptionConfiguration")
         .definitionBody(DefinitionBody.fromChainable(Chain.start(new Pass(this, "Pass"))))
         .stateMachineType(StateMachineType.STANDARD)
         .encryptionConfiguration(new CustomerManagedEncryptionConfiguration(kmsKey, Duration.seconds(60)))
         .build();
 
  • Constructor Details

    • CustomerManagedEncryptionConfiguration

      protected CustomerManagedEncryptionConfiguration(software.amazon.jsii.JsiiObjectRef objRef)
    • CustomerManagedEncryptionConfiguration

      protected CustomerManagedEncryptionConfiguration(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
    • CustomerManagedEncryptionConfiguration

      @Stability(Stable) public CustomerManagedEncryptionConfiguration(@NotNull IKey kmsKey, @Nullable Duration kmsDataKeyReusePeriodSeconds)
      Parameters:
      kmsKey - This parameter is required.
      kmsDataKeyReusePeriodSeconds -
    • CustomerManagedEncryptionConfiguration

      @Stability(Stable) public CustomerManagedEncryptionConfiguration(@NotNull IKey kmsKey)
      Parameters:
      kmsKey - This parameter is required.
  • Method Details

    • getKmsKey

      @Stability(Stable) @NotNull public IKey getKmsKey()
      The symmetric customer managed KMS key for server-side encryption of the state machine definition, and execution history or activity inputs.

      Step Functions will reuse the key for a maximum of kmsDataKeyReusePeriodSeconds.

      Default: - data is transparently encrypted using an AWS owned key

    • getKmsDataKeyReusePeriodSeconds

      @Stability(Stable) @Nullable public Duration getKmsDataKeyReusePeriodSeconds()
      Maximum duration that Step Functions will reuse customer managed data keys. When the period expires, Step Functions will call GenerateDataKey.

      Must be between 60 and 900 seconds.

      Default: Duration.seconds(300)