TableEncryptionV2
- class aws_cdk.aws_dynamodb.TableEncryptionV2(*args: Any, **kwargs)
Bases:
object
Represents server-side encryption for a DynamoDB table.
- ExampleMetadata:
infused
Example:
import aws_cdk as cdk import aws_cdk.aws_kms as kms app = cdk.App() stack = cdk.Stack(app, "Stack", env=cdk.Environment(region="us-west-2")) table_key = kms.Key(stack, "Key") replica_key_arns = { "us-east-1": "arn:aws:kms:us-east-1:123456789012:key/g24efbna-az9b-42ro-m3bp-cq249l94fca6", "us-east-2": "arn:aws:kms:us-east-2:123456789012:key/h90bkasj-bs1j-92wp-s2ka-bh857d60bkj8" } global_table = dynamodb.TableV2(stack, "GlobalTable", partition_key=dynamodb.Attribute(name="pk", type=dynamodb.AttributeType.STRING), encryption=dynamodb.TableEncryptionV2.customer_managed_key(table_key, replica_key_arns), replicas=[dynamodb.ReplicaTableProps(region="us-east-1"), dynamodb.ReplicaTableProps(region="us-east-2") ] )
Attributes
- replica_key_arns
- table_key
- type
Static Methods
- classmethod aws_managed_key()
Configure server-side encryption using an AWS managed key.
- Return type:
- classmethod customer_managed_key(table_key, replica_key_arns=None)
Configure server-side encryption using customer managed keys.
- Parameters:
table_key (
IKey
) – the KMS key for the primary table.replica_key_arns (
Optional
[Mapping
[str
,str
]]) – an object containing the ARN of the KMS key to use for each replica table.
- Return type:
- classmethod dynamo_owned_key()
Configure server-side encryption using a DynamoDB owned key.
- Return type: