EncryptionConfiguration - IAM Identity Center
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

EncryptionConfiguration

A structure that specifies the KMS key type and KMS key ARN used to encrypt data in your IAM Identity Center instance.

Note

Customer managed KMS keys for Amazon IAM Identity Center are currently available in select Amazon Regions.

Contents

KeyType

The type of KMS key used for encryption.

Type: String

Valid Values: AWS_OWNED_KMS_KEY | CUSTOMER_MANAGED_KEY

Required: Yes

KmsKeyArn

The ARN of the KMS key used to encrypt data. Required when KeyType is CUSTOMER_MANAGED_KEY. Cannot be specified when KeyType is AWS_OWNED_KMS_KEY.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-[bcd]):kms:([a-z]{2,}(-[a-z0-9]+)+){1}:[0-9]{12}:key/(mrk-[a-f0-9]{32}|[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: