EncryptionConfiguration - Amazon Network Firewall
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

EncryptionConfiguration

A complex type that contains optional Amazon Key Management Service (KMS) encryption settings for your Network Firewall resources. Your data is encrypted by default with an Amazon owned key that Amazon owns and manages for you. You can use either the Amazon owned key, or provide your own customer managed key. To learn more about KMS encryption of your Network Firewall resources, see Encryption at rest with Amazon Key Managment Service in the Network Firewall Developer Guide.

Contents

Type

The type of Amazon KMS key to use for encryption of your Network Firewall resources.

Type: String

Valid Values: CUSTOMER_KMS | AWS_OWNED_KMS_KEY

Required: Yes

KeyId

The ID of the Amazon Key Management Service (KMS) customer managed key. You can use any of the key identifiers that KMS supports, unless you're using a key that's managed by another account. If you're using a key managed by another account, then specify the key ARN. For more information, see Key ID in the Amazon KMS Developer Guide.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: .*\S.*

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: