EncryptionConfiguration

A structure that specifies the KMS key type and KMS key ARN used to encrypt data in your IAM Identity Center instance.

Contents

KeyType

The type of KMS key used for encryption.

Type: String

Valid Values: AWS_OWNED_KMS_KEY | CUSTOMER_MANAGED_KEY

Required: Yes

KmsKeyArn

The ARN of the KMS key used to encrypt data. Required when KeyType is CUSTOMER_MANAGED_KEY. Cannot be specified when KeyType is AWS_OWNED_KMS_KEY.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-[bcd]):kms:([a-z]{2,}(-[a-z0-9]+)+){1}:[0-9]{12}:key/(mrk-[a-f0-9]{32}|[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Java V2

• AWS SDK for Ruby V3