KeyConfigurationType - Amazon Cognito User Pools
ContentsSee Also
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

KeyConfigurationType

Specifies the key configuration for a user pool. Contains settings for encryption keys used to secure user pool data.

This data type is a request parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.

Contents

KeyType

The type of encryption key used for the user pool.

AWS_OWNED_KEY

A key owned by AWS in AWS Key Management Service.

CUSTOMER_MANAGED_KEY

A key managed by the customer in AWS Key Management Service. You must use a multi-region key to enable multi-region replication for a user pool.

Type: String

Valid Values: AWS_OWNED_KEY | CUSTOMER_MANAGED_KEY

Required: No

KmsKeyArn

The Amazon Resource Name (ARN) of the AWS KMS key used for encryption. If not specified, AWS managed keys are used.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: arn:[\w+=/,.@-]+:[\w+=/,.@-]+:([\w+=/,.@-]*)?:[0-9]+:[\w+=/,.@-]+(:[\w+=/,.@-]+)?(:[\w+=/,.@-]+)?

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: