ServerSideEncryptionUpdateDetails

Details about the most recent server-side encryption configuration update. When the server-side encryption configuration is changed, dependency on the old KMS key is removed through an asynchronous process. When this update is complete, the domain’s data can only be accessed using the new KMS key.

Contents

Message

Message explaining the current UpdateStatus. When the UpdateStatus is FAILED, this message explains the cause of the failure.

Type: String

Length Constraints: Minimum length of 1.

Required: No

OldKmsKeyId

The previous KMS key ID the domain was encrypted with, before ServerSideEncryptionConfiguration was updated to a new KMS key ID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: No

UpdateStatus

Status of the server-side encryption update. During an update, if there is an issue with the domain's current or old KMS key ID, such as an inaccessible or disabled key, then the status is FAILED. In order to resolve this, the key needs to be made accessible, and then an UpdateDomain call with the existing server-side encryption configuration will re-attempt this update process.

Type: String

Valid Values: IN_PROGRESS | COMPLETED | FAILED

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for Ruby V3