Skip to content

Data Source: awsGlueDataCatalogEncryptionSettings

This data source can be used to fetch information about AWS Glue Data Catalog Encryption Settings.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsGlueDataCatalogEncryptionSettings.DataAwsGlueDataCatalogEncryptionSettings(
  this,
  "example",
  {
    id: "123456789123",
  }
);

Argument Reference

  • catalogId - (Required) ID of the Data Catalog. This is typically the AWS account ID.

Attributes Reference

  • dataCatalogEncryptionSettings – The security configuration to set. see Data Catalog Encryption Settings.
  • id – The ID of the Data Catalog to set the security configuration for.

dataCatalogEncryptionSettings

  • connectionPasswordEncryption - When connection password protection is enabled, the Data Catalog uses a customer-provided key to encrypt the password as part of CreateConnection or UpdateConnection and store it in the ENCRYPTED_PASSWORD field in the connection properties. You can enable catalog encryption or only password encryption. see Connection Password Encryption.
  • encryptionAtRest - Encryption-at-rest configuration for the Data Catalog. see Encryption At Rest.

connectionPasswordEncryption

  • returnConnectionPasswordEncrypted - When set to true, passwords remain encrypted in the responses of GetConnection and GetConnections. This encryption takes effect independently of the catalog encryption.
  • awsKmsKeyId - KMS key ARN that is used to encrypt the connection password.

encryptionAtRest

  • catalogEncryptionMode - The encryption-at-rest mode for encrypting Data Catalog data.
  • sseAwsKmsKeyId - ARN of the AWS KMS key to use for encryption at rest.