View a markdown version of this page

KeyConfigurationType - Amazon Cognito User Pools
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

KeyConfigurationType

Specifies the key configuration for a user pool. Contains settings for encryption keys used to secure user pool data.

This data type is a request parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.

Contents

KeyType

The type of encryption key used for the user pool.

AWS_OWNED_KEY

A key owned by Amazon in Amazon Key Management Service.

CUSTOMER_MANAGED_KEY

A key managed by the customer in Amazon Key Management Service. You must use a multi-region key to enable multi-region replication for a user pool.

Type: String

Valid Values: AWS_OWNED_KEY | CUSTOMER_MANAGED_KEY

Required: No

KmsKeyArn

The Amazon Resource Name (ARN) of the Amazon KMS key used for encryption. If not specified, Amazon managed keys are used.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: