com.pulumi.aws.dynamodb.outputs.TableServerSideEncryption Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws Show documentation
Show all versions of aws Show documentation
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
The newest version!
// *** WARNING: this file was generated by pulumi-java-gen. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
package com.pulumi.aws.dynamodb.outputs;
import com.pulumi.core.annotations.CustomType;
import com.pulumi.exceptions.MissingRequiredPropertyException;
import java.lang.Boolean;
import java.lang.String;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Nullable;
@CustomType
public final class TableServerSideEncryption {
/**
* @return Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK). If `enabled` is `false` then server-side encryption is set to AWS-_owned_ key (shown as `DEFAULT` in the AWS console). Potentially confusingly, if `enabled` is `true` and no `kms_key_arn` is specified then server-side encryption is set to the _default_ KMS-_managed_ key (shown as `KMS` in the AWS console). The [AWS KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) explains the difference between AWS-_owned_ and KMS-_managed_ keys.
*
*/
private Boolean enabled;
/**
* @return ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.
*
*/
private @Nullable String kmsKeyArn;
private TableServerSideEncryption() {}
/**
* @return Whether or not to enable encryption at rest using an AWS managed KMS customer master key (CMK). If `enabled` is `false` then server-side encryption is set to AWS-_owned_ key (shown as `DEFAULT` in the AWS console). Potentially confusingly, if `enabled` is `true` and no `kms_key_arn` is specified then server-side encryption is set to the _default_ KMS-_managed_ key (shown as `KMS` in the AWS console). The [AWS KMS documentation](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) explains the difference between AWS-_owned_ and KMS-_managed_ keys.
*
*/
public Boolean enabled() {
return this.enabled;
}
/**
* @return ARN of the CMK that should be used for the AWS KMS encryption. This argument should only be used if the key is different from the default KMS-managed DynamoDB key, `alias/aws/dynamodb`. **Note:** This attribute will _not_ be populated with the ARN of _default_ keys.
*
*/
public Optional kmsKeyArn() {
return Optional.ofNullable(this.kmsKeyArn);
}
public static Builder builder() {
return new Builder();
}
public static Builder builder(TableServerSideEncryption defaults) {
return new Builder(defaults);
}
@CustomType.Builder
public static final class Builder {
private Boolean enabled;
private @Nullable String kmsKeyArn;
public Builder() {}
public Builder(TableServerSideEncryption defaults) {
Objects.requireNonNull(defaults);
this.enabled = defaults.enabled;
this.kmsKeyArn = defaults.kmsKeyArn;
}
@CustomType.Setter
public Builder enabled(Boolean enabled) {
if (enabled == null) {
throw new MissingRequiredPropertyException("TableServerSideEncryption", "enabled");
}
this.enabled = enabled;
return this;
}
@CustomType.Setter
public Builder kmsKeyArn(@Nullable String kmsKeyArn) {
this.kmsKeyArn = kmsKeyArn;
return this;
}
public TableServerSideEncryption build() {
final var _resultValue = new TableServerSideEncryption();
_resultValue.enabled = enabled;
_resultValue.kmsKeyArn = kmsKeyArn;
return _resultValue;
}
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy