pulumi-aws-kotlin/com.pulumi.aws.opensearch.kotlin.inputs/DomainEncryptAtRestArgs

DomainEncryptAtRestArgs

data class DomainEncryptAtRestArgs(val enabled: Output<Boolean>, val kmsKeyId: Output<String>? = null) : ConvertibleToJava<DomainEncryptAtRestArgs>

Constructors

Link copied to clipboard
constructor(enabled: Output<Boolean>, kmsKeyId: Output<String>? = null)

Properties

Link copied to clipboard
val enabled: Output<Boolean>

Whether to enable encryption at rest. If the encrypt_at_rest block is not provided then this defaults to false. Enabling encryption on new domains requires an engine_version of OpenSearch_X.Y or Elasticsearch_5.1 or greater.

Link copied to clipboard
val kmsKeyId: Output<String>? = null

KMS key ARN to encrypt the Elasticsearch domain with. If not specified then it defaults to using the aws/es service KMS key. Note that KMS will accept a KMS key ID but will return the key ARN. To prevent the provider detecting unwanted changes, use the key ARN instead.

Functions

Link copied to clipboard
open override fun toJava(): DomainEncryptAtRestArgs