class Aws::ECR::Types::EncryptionConfiguration


@see docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/EncryptionConfiguration AWS API Documentation
@return [String]
key for Amazon ECR will be used.
If no key is specified, the default Amazon Web Services managed KMS
specified. The key must exist in the same Region as the repository.
encryption. The alias, key ID, or full ARN of the KMS key can be
If you use the ‘KMS` encryption type, specify the KMS key to use for
@!attribute [rw] kms_key
@return [String]<br>: docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html<br>[1]: docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html<br><br><br><br>Simple Storage Service Console Developer Guide*.
with Amazon S3-managed encryption keys (SSE-S3)] in the *Amazon
more information, see [Protecting data using server-side encryption
images in the repository using an AES-256 encryption algorithm. For
encryption with Amazon S3-managed encryption keys which encrypts the
If you use the `AES256` encryption type, Amazon ECR uses server-side
Developer Guide*.
Service (SSE-KMS)] in the *Amazon Simple Storage Service Console
server-side encryption with an KMS key stored in Key Management
created. For more information, see [Protecting data using
for Amazon ECR, or specify your own KMS key, which you already
you can either use the default Amazon Web Services managed KMS key
Service key stored in KMS. When you use KMS to encrypt your data,
will be encrypted using server-side encryption with Key Management
If you use the `KMS` encryption type, the contents of the repository
The encryption type to use.
@!attribute [rw] encryption_type<br><br>: docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html<br><br><br><br>in the *Amazon Elastic Container Registry User Guide*.
images. For more information, see [Amazon ECR encryption at rest][1]
Service key stored in Key Management Service (KMS) to encrypt your
repository, you can use server-side encryption with Key Management
For more control over the encryption of the contents of your
action on your part.
using an AES-256 encryption algorithm. This does not require any
Amazon S3-managed encryption keys which encrypts your data at rest
encryption type is used, Amazon ECR uses server-side encryption with
By default, when no encryption configuration is set or the `AES256`
the contents of your repository are encrypted at rest.
The encryption configuration for the repository. This determines how