Docs Home
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.35.0 published on Monday, Sep 22, 2025 by Pulumi
aws-native.iot.EncryptionConfiguration
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.35.0 published on Monday, Sep 22, 2025 by Pulumi
Resource Type definition for AWS::IoT::EncryptionConfiguration
Create EncryptionConfiguration Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new EncryptionConfiguration(name: string, args: EncryptionConfigurationArgs, opts?: CustomResourceOptions);@overload
def EncryptionConfiguration(resource_name: str,
args: EncryptionConfigurationArgs,
opts: Optional[ResourceOptions] = None)
@overload
def EncryptionConfiguration(resource_name: str,
opts: Optional[ResourceOptions] = None,
encryption_type: Optional[EncryptionConfigurationEncryptionType] = None,
kms_access_role_arn: Optional[str] = None,
kms_key_arn: Optional[str] = None)func NewEncryptionConfiguration(ctx *Context, name string, args EncryptionConfigurationArgs, opts ...ResourceOption) (*EncryptionConfiguration, error)public EncryptionConfiguration(string name, EncryptionConfigurationArgs args, CustomResourceOptions? opts = null)
public EncryptionConfiguration(String name, EncryptionConfigurationArgs args)
public EncryptionConfiguration(String name, EncryptionConfigurationArgs args, CustomResourceOptions options)
type: aws-native:iot:EncryptionConfiguration
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args EncryptionConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args EncryptionConfigurationArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args EncryptionConfigurationArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args EncryptionConfigurationArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args EncryptionConfigurationArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
EncryptionConfiguration Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The EncryptionConfiguration resource accepts the following input properties:
- Encryption
Type Pulumi.Aws Native. Io T. Encryption Configuration Encryption Type - The type of the KMS key.
- Kms
Access stringRole Arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- Kms
Key stringArn - The ARN of the customer managed KMS key.
- Encryption
Type EncryptionConfiguration Encryption Type - The type of the KMS key.
- Kms
Access stringRole Arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- Kms
Key stringArn - The ARN of the customer managed KMS key.
- encryption
Type EncryptionConfiguration Encryption Type - The type of the KMS key.
- kms
Access StringRole Arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- kms
Key StringArn - The ARN of the customer managed KMS key.
- encryption
Type EncryptionConfiguration Encryption Type - The type of the KMS key.
- kms
Access stringRole Arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- kms
Key stringArn - The ARN of the customer managed KMS key.
- encryption_
type EncryptionConfiguration Encryption Type - The type of the KMS key.
- kms_
access_ strrole_ arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- kms_
key_ strarn - The ARN of the customer managed KMS key.
- encryption
Type "CUSTOMER_MANAGED_KMS_KEY" | "AWS_OWNED_KMS_KEY" - The type of the KMS key.
- kms
Access StringRole Arn - The Amazon Resource Name (ARN) of the IAM role assumed by AWS IoT Core to call AWS KMS on behalf of the customer.
- kms
Key StringArn - The ARN of the customer managed KMS key.
Outputs
All input properties are implicitly available as output properties. Additionally, the EncryptionConfiguration resource produces the following output properties:
- Account
Id string - The unique identifier (ID) of an AWS account.
- Configuration
Details Pulumi.Aws Native. Io T. Outputs. Configuration Details Properties - Id string
- The provider-assigned unique ID for this managed resource.
- Last
Modified stringDate - The date when encryption configuration is last updated.
- Account
Id string - The unique identifier (ID) of an AWS account.
- Configuration
Details ConfigurationDetails Properties - Id string
- The provider-assigned unique ID for this managed resource.
- Last
Modified stringDate - The date when encryption configuration is last updated.
- account
Id String - The unique identifier (ID) of an AWS account.
- configuration
Details ConfigurationDetails Properties - id String
- The provider-assigned unique ID for this managed resource.
- last
Modified StringDate - The date when encryption configuration is last updated.
- account
Id string - The unique identifier (ID) of an AWS account.
- configuration
Details ConfigurationDetails Properties - id string
- The provider-assigned unique ID for this managed resource.
- last
Modified stringDate - The date when encryption configuration is last updated.
- account_
id str - The unique identifier (ID) of an AWS account.
- configuration_
details ConfigurationDetails Properties - id str
- The provider-assigned unique ID for this managed resource.
- last_
modified_ strdate - The date when encryption configuration is last updated.
- account
Id String - The unique identifier (ID) of an AWS account.
- configuration
Details Property Map - id String
- The provider-assigned unique ID for this managed resource.
- last
Modified StringDate - The date when encryption configuration is last updated.
Supporting Types
ConfigurationDetailsProperties, ConfigurationDetailsPropertiesArgs
- Configuration
Status Pulumi.Aws Native. Io T. Encryption Configuration Configuration Details Properties Configuration Status - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - Error
Code string - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - Error
Message string - The detailed error message that corresponds to the
errorCode.
- Configuration
Status EncryptionConfiguration Configuration Details Properties Configuration Status - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - Error
Code string - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - Error
Message string - The detailed error message that corresponds to the
errorCode.
- configuration
Status EncryptionConfiguration Configuration Details Properties Configuration Status - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - error
Code String - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - error
Message String - The detailed error message that corresponds to the
errorCode.
- configuration
Status EncryptionConfiguration Configuration Details Properties Configuration Status - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - error
Code string - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - error
Message string - The detailed error message that corresponds to the
errorCode.
- configuration_
status EncryptionConfiguration Configuration Details Properties Configuration Status - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - error_
code str - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - error_
message str - The detailed error message that corresponds to the
errorCode.
- configuration
Status "HEALTHY" | "UNHEALTHY" - The health status of KMS key and AWS KMS access role. If either KMS key or AWS KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer managed KMS key, the value ofconfigurationStatusmust beHEALTHY. - error
Code String - The error code that indicates either the KMS key or the AWS KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR. - error
Message String - The detailed error message that corresponds to the
errorCode.
EncryptionConfigurationConfigurationDetailsPropertiesConfigurationStatus, EncryptionConfigurationConfigurationDetailsPropertiesConfigurationStatusArgs
- Healthy
- HEALTHY
- Unhealthy
- UNHEALTHY
- Encryption
Configuration Configuration Details Properties Configuration Status Healthy - HEALTHY
- Encryption
Configuration Configuration Details Properties Configuration Status Unhealthy - UNHEALTHY
- Healthy
- HEALTHY
- Unhealthy
- UNHEALTHY
- Healthy
- HEALTHY
- Unhealthy
- UNHEALTHY
- HEALTHY
- HEALTHY
- UNHEALTHY
- UNHEALTHY
- "HEALTHY"
- HEALTHY
- "UNHEALTHY"
- UNHEALTHY
EncryptionConfigurationEncryptionType, EncryptionConfigurationEncryptionTypeArgs
- Customer
Managed Kms Key - CUSTOMER_MANAGED_KMS_KEY
- Aws
Owned Kms Key - AWS_OWNED_KMS_KEY
- Encryption
Configuration Encryption Type Customer Managed Kms Key - CUSTOMER_MANAGED_KMS_KEY
- Encryption
Configuration Encryption Type Aws Owned Kms Key - AWS_OWNED_KMS_KEY
- Customer
Managed Kms Key - CUSTOMER_MANAGED_KMS_KEY
- Aws
Owned Kms Key - AWS_OWNED_KMS_KEY
- Customer
Managed Kms Key - CUSTOMER_MANAGED_KMS_KEY
- Aws
Owned Kms Key - AWS_OWNED_KMS_KEY
- CUSTOMER_MANAGED_KMS_KEY
- CUSTOMER_MANAGED_KMS_KEY
- AWS_OWNED_KMS_KEY
- AWS_OWNED_KMS_KEY
- "CUSTOMER_MANAGED_KMS_KEY"
- CUSTOMER_MANAGED_KMS_KEY
- "AWS_OWNED_KMS_KEY"
- AWS_OWNED_KMS_KEY
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.
AWS Cloud Control v1.35.0 published on Monday, Sep 22, 2025 by Pulumi