aws-cdk-lib.aws_opensearchservice.CfnDomain.EncryptionAtRestOptionsProperty

interface EncryptionAtRestOptionsProperty

LanguageType name
.NETAmazon.CDK.AWS.OpenSearchService.CfnDomain.EncryptionAtRestOptionsProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsopensearchservice#CfnDomain_EncryptionAtRestOptionsProperty
Javasoftware.amazon.awscdk.services.opensearchservice.CfnDomain.EncryptionAtRestOptionsProperty
Pythonaws_cdk.aws_opensearchservice.CfnDomain.EncryptionAtRestOptionsProperty
TypeScript aws-cdk-lib » aws_opensearchservice » CfnDomain » EncryptionAtRestOptionsProperty

Whether the domain should encrypt data at rest, and if so, the AWS Key Management Service key to use.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_opensearchservice as opensearchservice } from 'aws-cdk-lib';
const encryptionAtRestOptionsProperty: opensearchservice.CfnDomain.EncryptionAtRestOptionsProperty = {
  enabled: false,
  kmsKeyId: 'kmsKeyId',
};

Properties

NameTypeDescription
enabled?boolean | IResolvableSpecify true to enable encryption at rest.
kmsKeyId?stringThe KMS key ID. Takes the form 1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a . Required if you enable encryption at rest.

enabled?

Type: boolean | IResolvable (optional)

Specify true to enable encryption at rest.

Required if you enable fine-grained access control in AdvancedSecurityOptionsInput .


kmsKeyId?

Type: string (optional)

The KMS key ID. Takes the form 1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a . Required if you enable encryption at rest.

You can also use keyAlias as a value.