EncryptionConfigurationDetails - IAM Identity Center
ContentsSee Also

EncryptionConfigurationDetails

The encryption configuration of your IAM Identity Center instance, including the key type, KMS key ARN, and current encryption status.

Contents

EncryptionStatus

The current status of encryption configuration.

Type: String

Valid Values: UPDATING | ENABLED | UPDATE_FAILED

Required: No

EncryptionStatusReason

Provides additional context about the current encryption status. This field is particularly useful when the encryption status is UPDATE_FAILED. When encryption configuration update fails, this field contains information about the cause, which may include KMS key access issues, key not found errors, invalid key configuration, key in an invalid state, or a disabled key.

Type: String

Pattern: [\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}]*

Required: No

KeyType

The type of KMS key used for encryption.

Type: String

Valid Values: AWS_OWNED_KMS_KEY | CUSTOMER_MANAGED_KEY

Required: No

KmsKeyArn

The ARN of the KMS key currently used to encrypt data in your IAM Identity Center instance.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-[bcd]):kms:([a-z]{2,}(-[a-z0-9]+)+){1}:[0-9]{12}:key/(mrk-[a-f0-9]{32}|[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: