Resource: awsCloudfrontFieldLevelEncryptionProfile
Provides a CloudFront Field-level Encryption Profile resource.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsCloudfrontPublicKeyExample =
new aws.cloudfrontPublicKey.CloudfrontPublicKey(this, "example", {
comment: "test public key",
encodedKey: '${file("public_key.pem")}',
name: "test_key",
});
new aws.cloudfrontFieldLevelEncryptionProfile.CloudfrontFieldLevelEncryptionProfile(
this,
"test",
{
comment: "test comment",
encryptionEntities: {
items: [
{
fieldPatterns: {
items: ["DateOfBirth"],
},
providerId: "test provider",
publicKeyId: awsCloudfrontPublicKeyExample.id,
},
],
},
name: "test profile",
}
);
Argument Reference
The following arguments are supported:
name
- (Required) The name of the Field Level Encryption Profile.comment
- (Optional) An optional comment about the Field Level Encryption Profile.encryptionEntities
- (Required) The encryption entities config block for field-level encryption profiles that contains an attributeitems
which includes the encryption key and field pattern specifications.
Encryption Entities
publicKeyId
- (Required) The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.providerId
- (Required) The provider associated with the public key being used for encryption.fieldPatterns
- (Required) Object that contains an attributeitems
that contains the list of field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
callerReference
- Internal value used by CloudFront to allow future updates to the Field Level Encryption Profile.etag
- The current version of the Field Level Encryption Profile. For example:e2Qwruhapomqzl
.id
- The identifier for the Field Level Encryption Profile. For example:k3D5Eweudccxon
.
Import
Cloudfront Field Level Encryption Profile can be imported using the id
, e.g.