EncryptionConfigurationDetails - IAM Identity Center

EncryptionConfigurationDetails

The encryption configuration of your IAM Identity Center instance, including the key type, KMS key ARN, and current encryption status.

Note

Customer managed KMS keys for Amazon IAM Identity Center are currently available in select Amazon Regions.

Contents

EncryptionStatus

The current status of the encryption configuration.

Type: String

Valid Values: UPDATING | ENABLED | UPDATE_FAILED

Required: No

EncryptionStatusReason

Provides additional context about the current encryption status. This field is particularly useful when the encryption status is UPDATE_FAILED. When an encryption configuration update fails, this field contains information about the cause, which may include KMS key access issues, key not found errors, invalid key configuration, a key in an invalid state, or a disabled key.

Type: String

Pattern: [\p{L}\p{M}\p{Z}\p{S}\p{N}\p{P}]*

Required: No

KeyType

The type of KMS key used for encryption.

Type: String

Valid Values: AWS_OWNED_KMS_KEY | CUSTOMER_MANAGED_KEY

Required: No

KmsKeyArn

The ARN of the KMS key currently used to encrypt data in your IAM Identity Center instance.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:(aws|aws-us-gov|aws-cn|aws-iso|aws-iso-[bcd]):kms:([a-z]{2,}(-[a-z0-9]+)+){1}:[0-9]{12}:key/(mrk-[a-f0-9]{32}|[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12})

Required: No
