• Home
• org.virtuslab
• pulumi-aws-native-kotlin
• 0.112.0.0
• source code
• RepositoryEncryptionConfigurationArgs.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.awsnative.ecr.kotlin.inputs.RepositoryEncryptionConfigurationArgs.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.awsnative.ecr.kotlin.inputs

import com.pulumi.awsnative.ecr.inputs.RepositoryEncryptionConfigurationArgs.builder
import com.pulumi.awsnative.ecr.kotlin.enums.RepositoryEncryptionType
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiNullFieldException
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName

/**
 * The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.
 *  By default, when no encryption configuration is set or the ``AES256`` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES-256 encryption algorithm. This does not require any action on your part.
 *  For more control over the encryption of the contents of your repository, you can use server-side encryption with KMSlong key stored in KMSlong (KMS) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide*.
 * @property encryptionType The encryption type to use.
 * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
 * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
 * @property kmsKey If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used.
 */
public data class RepositoryEncryptionConfigurationArgs(
    public val encryptionType: Output,
    public val kmsKey: Output? = null,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.awsnative.ecr.inputs.RepositoryEncryptionConfigurationArgs =
        com.pulumi.awsnative.ecr.inputs.RepositoryEncryptionConfigurationArgs.builder()
            .encryptionType(encryptionType.applyValue({ args0 -> args0.let({ args0 -> args0.toJava() }) }))
            .kmsKey(kmsKey?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [RepositoryEncryptionConfigurationArgs].
 */
@PulumiTagMarker
public class RepositoryEncryptionConfigurationArgsBuilder internal constructor() {
    private var encryptionType: Output? = null

    private var kmsKey: Output? = null

    /**
     * @param value The encryption type to use.
     * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
     * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
     */
    @JvmName("vkngmfjyddcdeihv")
    public suspend fun encryptionType(`value`: Output) {
        this.encryptionType = value
    }

    /**
     * @param value If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used.
     */
    @JvmName("nicdhjcpdpnkunvu")
    public suspend fun kmsKey(`value`: Output) {
        this.kmsKey = value
    }

    /**
     * @param value The encryption type to use.
     * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS KMS . When you use AWS KMS to encrypt your data, you can either use the default AWS managed AWS KMS key for Amazon ECR, or specify your own AWS KMS key, which you already created. For more information, see [Protecting data using server-side encryption with an AWS KMS key stored in AWS Key Management Service (SSE-KMS)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
     * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES-256 encryption algorithm. For more information, see [Protecting data using server-side encryption with Amazon S3-managed encryption keys (SSE-S3)](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) in the *Amazon Simple Storage Service Console Developer Guide* .
     */
    @JvmName("rqdsnbvrtjdlmcca")
    public suspend fun encryptionType(`value`: RepositoryEncryptionType) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.encryptionType = mapped
    }

    /**
     * @param value If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used.
     */
    @JvmName("mblaogahmiufttip")
    public suspend fun kmsKey(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.kmsKey = mapped
    }

    internal fun build(): RepositoryEncryptionConfigurationArgs =
        RepositoryEncryptionConfigurationArgs(
            encryptionType = encryptionType ?: throw PulumiNullFieldException("encryptionType"),
            kmsKey = kmsKey,
        )
}