class TableEncryptionV2
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.DynamoDB.TableEncryptionV2 |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awsdynamodb#TableEncryptionV2 |
![]() | software.amazon.awscdk.services.dynamodb.TableEncryptionV2 |
![]() | aws_cdk.aws_dynamodb.TableEncryptionV2 |
![]() | aws-cdk-lib » aws_dynamodb » TableEncryptionV2 |
Represents server-side encryption for a DynamoDB table.
Example
import * as cdk from 'aws-cdk-lib';
import * as kms from 'aws-cdk-lib/aws-kms';
const app = new cdk.App();
const stack = new cdk.Stack(app, 'Stack', { env: { region: 'us-west-2' } });
const tableKey = new kms.Key(stack, 'Key');
const replicaKeyArns = {
'us-east-1': 'arn:aws:kms:us-east-1:123456789012:key/g24efbna-az9b-42ro-m3bp-cq249l94fca6',
'us-east-2': 'arn:aws:kms:us-east-2:123456789012:key/h90bkasj-bs1j-92wp-s2ka-bh857d60bkj8',
};
const globalTable = new dynamodb.TableV2(stack, 'GlobalTable', {
partitionKey: { name: 'pk', type: dynamodb.AttributeType.STRING },
encryption: dynamodb.TableEncryptionV2.customerManagedKey(tableKey, replicaKeyArns),
replicas: [
{ region: 'us-east-1' },
{ region: 'us-east-2' },
],
});
Properties
Name | Type | Description |
---|---|---|
type | Table | |
replica | { [string]: string } | |
table | IKey |
type
Type:
Table
replicaKeyArns?
Type:
{ [string]: string }
(optional)
tableKey?
Type:
IKey
(optional)
Methods
Name | Description |
---|---|
static aws | Configure server-side encryption using an AWS managed key. |
static customer | Configure server-side encryption using customer managed keys. |
static dynamo | Configure server-side encryption using a DynamoDB owned key. |
static awsManagedKey()
public static awsManagedKey(): TableEncryptionV2
Returns
Configure server-side encryption using an AWS managed key.
static customerManagedKey(tableKey, replicaKeyArns?)
public static customerManagedKey(tableKey: IKey, replicaKeyArns?: { [string]: string }): TableEncryptionV2
Parameters
- tableKey
IKey
— the KMS key for the primary table. - replicaKeyArns
{ [string]: string }
— an object containing the ARN of the KMS key to use for each replica table.
Returns
Configure server-side encryption using customer managed keys.
static dynamoOwnedKey()
public static dynamoOwnedKey(): TableEncryptionV2
Returns
Configure server-side encryption using a DynamoDB owned key.