class Aws::QLDB::Types::S3EncryptionConfiguration

The encryption settings that are used by a journal export job to write data in an Amazon Simple Storage Service (Amazon S3) bucket.

@note When making an API call, you may pass S3EncryptionConfiguration

data as a hash:

    {
      object_encryption_type: "SSE_KMS", # required, accepts SSE_KMS, SSE_S3, NO_ENCRYPTION
      kms_key_arn: "Arn",
    }

@!attribute [rw] object_encryption_type

The Amazon S3 object encryption type.

To learn more about server-side encryption options in Amazon S3, see
[Protecting Data Using Server-Side Encryption][1] in the *Amazon S3
Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
@return [String]

@!attribute [rw] kms_key_arn

The Amazon Resource Name (ARN) of a symmetric customer master key
(CMK) in Key Management Service (KMS). Amazon S3 does not support
asymmetric CMKs.

You must provide a `KmsKeyArn` if you specify `SSE_KMS` as the
`ObjectEncryptionType`.

`KmsKeyArn` is not required if you specify `SSE_S3` as the
`ObjectEncryptionType`.
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/S3EncryptionConfiguration AWS API Documentation

Constants

SENSITIVE