Versions Compared

Old Version 5

changes.mady.by.user Andres Aguilar

Saved on

compared with

New Version 6

changes.mady.by.user Andres Aguilar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagejs
   "encryptionProvider": {
      "_comments_implementation": [
        "Maven coordinates of the encryption provider",
        "default is: com.accenture.aspire:aspire-encryption-provider"
      ],
      "implementation": "com.accenture.aspire:aspire-aws-kms-encryption-provider"
    },

There are two ways of configuring the encryption provider through Properties or Settings File (click each link to see more details)

Regardless of which way it is used to configure the provider, the following parameters will be used:

ParameterRequiredDefaultDescription
roleARNnonull

(Optional) If the KMS service must be accessed through the assumption of an IAM role, specify the role ARN. Role Assumption is recommended so the base account won't have direct access to the resources.

If not specified, the base account will be used to execute the encryption/decryption calls directly.

keyARNyesN/AThe KMS key ARN.
regionyesN/AThe AWS region on which the KMS service will be used
accessKeynonull(Optional) Specify the access key if static credentials must be used for the base account. If this is not specified the Default Credential Provider Chain will be used.
secretKeynonull(Optional) Specify the secret key if static credentials must be used for the base account. If this is not specified the Default Credential Provider Chain will be used.

How to create a KMS Key suitable for Aspire?

...