aws-cdk-lib.aws_athena.CfnWorkGroup.EncryptionConfigurationProperty

interface EncryptionConfigurationProperty

LanguageType name
.NETAmazon.CDK.AWS.Athena.CfnWorkGroup.EncryptionConfigurationProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsathena#CfnWorkGroup_EncryptionConfigurationProperty
Javasoftware.amazon.awscdk.services.athena.CfnWorkGroup.EncryptionConfigurationProperty
Pythonaws_cdk.aws_athena.CfnWorkGroup.EncryptionConfigurationProperty
TypeScript aws-cdk-lib » aws_athena » CfnWorkGroup » EncryptionConfigurationProperty

If query results are encrypted in Amazon S3, indicates the encryption option used (for example, SSE_KMS or CSE_KMS ) and key information.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_athena as athena } from 'aws-cdk-lib';
const encryptionConfigurationProperty: athena.CfnWorkGroup.EncryptionConfigurationProperty = {
  encryptionOption: 'encryptionOption',

  // the properties below are optional
  kmsKey: 'kmsKey',
};

Properties

NameTypeDescription
encryptionOptionstringIndicates whether Amazon S3 server-side encryption with Amazon S3-managed keys ( SSE_S3 ), server-side encryption with KMS-managed keys ( SSE_KMS ), or client-side encryption with KMS-managed keys ( CSE_KMS ) is used.
kmsKey?stringFor SSE_KMS and CSE_KMS , this is the KMS key ARN or ID.

encryptionOption

Type: string

Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys ( SSE_S3 ), server-side encryption with KMS-managed keys ( SSE_KMS ), or client-side encryption with KMS-managed keys ( CSE_KMS ) is used.

If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup.


kmsKey?

Type: string (optional)

For SSE_KMS and CSE_KMS , this is the KMS key ARN or ID.