updateEncryptionConfiguration method

Future<void> updateEncryptionConfiguration({
  1. required EncryptionType encryptionType,
  2. String? kmsAccessRoleArn,
  3. String? kmsKeyArn,
})

Updates the encryption configuration. By default, Amazon Web Services IoT Core encrypts your data at rest using Amazon Web Services owned keys. Amazon Web Services IoT Core also supports symmetric customer managed keys from Key Management Service (KMS). With customer managed keys, you create, own, and manage the KMS keys in your Amazon Web Services account.

Before using this API, you must set up permissions for Amazon Web Services IoT Core to access KMS. For more information, see Data encryption at rest in the Amazon Web Services IoT Core Developer Guide.

May throw InternalFailureException. May throw InvalidRequestException. May throw ServiceUnavailableException. May throw ThrottlingException. May throw UnauthorizedException.

Parameter encryptionType : The type of the KMS key.

Parameter kmsAccessRoleArn : The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on behalf of the customer.

Parameter kmsKeyArn : The ARN of the customer managedKMS key.

Implementation

Future<void> updateEncryptionConfiguration({
  required EncryptionType encryptionType,
  String? kmsAccessRoleArn,
  String? kmsKeyArn,
}) async {
  final $payload = <String, dynamic>{
    'encryptionType': encryptionType.value,
    if (kmsAccessRoleArn != null) 'kmsAccessRoleArn': kmsAccessRoleArn,
    if (kmsKeyArn != null) 'kmsKeyArn': kmsKeyArn,
  };
  final response = await _protocol.send(
    payload: $payload,
    method: 'PATCH',
    requestUri: '/encryption-configuration',
    exceptionFnMap: _exceptionFns,
  );
}