CreateFieldLevelEncryptionConfig
Create a new field-level encryption configuration.
Request Syntax
POST /2017-10-30/field-level-encryption HTTP/1.1 <?xml version="1.0" encoding="UTF-8"?> <FieldLevelEncryptionConfig xmlns="http://cloudfront.amazonaws.com/doc/2017-10-30/"> <CallerReference>
string
</CallerReference> <Comment>string
</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string
</ContentType> <Format>string
</Format> <ProfileId>string
</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer
</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean
</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean
</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string
</ProfileId> <QueryArg>string
</QueryArg> </QueryArgProfile> </Items> <Quantity>integer
</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionConfig>
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in XML format.
- FieldLevelEncryptionConfig
-
Root level tag for the FieldLevelEncryptionConfig parameters.
Required: Yes
- CallerReference
-
A unique number that ensures the request can't be replayed.
Type: String
Required: Yes
- Comment
-
An optional comment about the configuration.
Type: String
Required: No
- ContentTypeProfileConfig
-
A complex data type that specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.
Type: ContentTypeProfileConfig object
Required: No
- QueryArgProfileConfig
-
A complex data type that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.
Type: QueryArgProfileConfig object
Required: No
Response Syntax
HTTP/1.1 201 <?xml version="1.0" encoding="UTF-8"?> <FieldLevelEncryption> <FieldLevelEncryptionConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> </FieldLevelEncryption>
Response Elements
If the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
- FieldLevelEncryption
-
Root level tag for the FieldLevelEncryption parameters.
Required: Yes
- FieldLevelEncryptionConfig
-
A complex data type that includes the profile configurations specified for field-level encryption.
Type: FieldLevelEncryptionConfig object
- Id
-
The configuration ID for a field-level encryption configuration which includes a set of profiles that specify certain selected data fields to be encrypted by specific public keys.
Type: String
- LastModifiedTime
-
The last time the field-level encryption configuration was changed.
Type: Timestamp
Errors
For information about the errors that are common to all actions, see Common Errors.
- FieldLevelEncryptionConfigAlreadyExists
-
The specified configuration for field-level encryption already exists.
HTTP Status Code: 409
- InconsistentQuantities
-
The value of
Quantity
and the size ofItems
don't match.HTTP Status Code: 400
- InvalidArgument
-
The argument is invalid.
HTTP Status Code: 400
- NoSuchFieldLevelEncryptionProfile
-
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404
- QueryArgProfileEmpty
-
No profile specified for the field-level encryption query argument.
HTTP Status Code: 400
- TooManyFieldLevelEncryptionConfigs
-
The maximum number of configurations for field-level encryption have been created.
HTTP Status Code: 400
- TooManyFieldLevelEncryptionContentTypeProfiles
-
The maximum number of content type profiles for field-level encryption have been created.
HTTP Status Code: 400
- TooManyFieldLevelEncryptionQueryArgProfiles
-
The maximum number of query arg profiles for field-level encryption have been created.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: