S3EncryptionConfiguration - Amazon Quantum Ledger Database (Amazon QLDB)

S3EncryptionConfiguration

The encryption settings that are used by a journal export job to write data in an Amazon Simple Storage Service (Amazon S3) bucket.

Contents

KmsKeyArn

The Amazon Resource Name (ARN) for a symmetric customer master key (CMK) in AWS Key Management Service (AWS KMS). Amazon QLDB does not support asymmetric CMKs.

You must provide a KmsKeyArn if you specify SSE_KMS as the ObjectEncryptionType.

KmsKeyArn is not required if you specify SSE_S3 as the ObjectEncryptionType.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 1600.

Required: No

ObjectEncryptionType

The Amazon S3 object encryption type.

To learn more about server-side encryption options in Amazon S3, see Protecting Data Using Server-Side Encryption in the Amazon S3 Developer Guide.

Type: String

Valid Values: SSE_KMS | SSE_S3 | NO_ENCRYPTION

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: