pub struct ConnectionPasswordEncryption {
pub aws_kms_key_id: Option<String>,
pub return_connection_password_encrypted: bool,
}
Expand description
The data structure used by the Data Catalog to encrypt the password as part of CreateConnection
or UpdateConnection
and store it in the ENCRYPTED_PASSWORD
field in the connection properties. You can enable catalog encryption or only password encryption.
When a CreationConnection
request arrives containing a password, the Data Catalog first encrypts the password using your KMS key. It then encrypts the whole connection object again if catalog encryption is also enabled.
This encryption requires that you set KMS key permissions to enable or restrict access on the password key according to your security requirements. For example, you might want only administrators to have decrypt permission on the password key.
Fields§
§aws_kms_key_id: Option<String>
An KMS key that is used to encrypt the connection password.
If connection password protection is enabled, the caller of CreateConnection
and UpdateConnection
needs at least kms:Encrypt
permission on the specified KMS key, to encrypt passwords before storing them in the Data Catalog.
You can set the decrypt permission to enable or restrict access on the password key according to your security requirements.
return_connection_password_encrypted: bool
When the ReturnConnectionPasswordEncrypted
flag is set to "true", passwords remain encrypted in the responses of GetConnection
and GetConnections
. This encryption takes effect independently from catalog encryption.
Trait Implementations§
Source§impl Clone for ConnectionPasswordEncryption
impl Clone for ConnectionPasswordEncryption
Source§fn clone(&self) -> ConnectionPasswordEncryption
fn clone(&self) -> ConnectionPasswordEncryption
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moreSource§impl Debug for ConnectionPasswordEncryption
impl Debug for ConnectionPasswordEncryption
Source§impl Default for ConnectionPasswordEncryption
impl Default for ConnectionPasswordEncryption
Source§fn default() -> ConnectionPasswordEncryption
fn default() -> ConnectionPasswordEncryption
Source§impl<'de> Deserialize<'de> for ConnectionPasswordEncryption
impl<'de> Deserialize<'de> for ConnectionPasswordEncryption
Source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
Source§impl PartialEq for ConnectionPasswordEncryption
impl PartialEq for ConnectionPasswordEncryption
Source§fn eq(&self, other: &ConnectionPasswordEncryption) -> bool
fn eq(&self, other: &ConnectionPasswordEncryption) -> bool
self
and other
values to be equal, and is used by ==
.