KmsEncryptionConfig - AWS HealthLake

KmsEncryptionConfig

The customer-managed-key(CMK) used when creating a data store. If a customer owned key is not specified, an AWS owned key will be used for encryption.

Contents

CmkType

The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and AWS owned CMKs.

Type: String

Valid Values: CUSTOMER_MANAGED_KMS_KEY | AWS_OWNED_KMS_KEY

Required: Yes

KmsKeyId

The KMS encryption key id/alias used to encrypt the data store contents at rest.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 400.

Pattern: (arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:kms:)?([a-z]{2}-[a-z]+(-[a-z]+)?-\d:)?(\d{12}:)?(((key/)?[a-zA-Z0-9-_]+)|(alias/[a-zA-Z0-9:/_-]+))

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: