models.aws_kms_configuration module

class models.aws_kms_configuration.AwsKmsConfiguration(access_key_id=None, auth_method=None, ca_certificate=None, cmk_alias=None, cmk_arn=None, cmk_key_id=None, iam_role_arn=None, region=None, secret_access_key=None, verify_ssl=None)[source]

Bases: object

Implementation of the ‘AwsKmsConfiguration’ model.

AwsKmsConfiguration to define AWS KMS config.

access_key_id (string): Access key id needed to access the cloud

account. When update cluster config, should encrypte accessKeyId with cluster ID.

auth_method (AuthMethodEnum): Specifies the authentication method

to be used for API calls. Specifies the authentication method to be used for API calls. ‘kUseIAMUser’ indicates a user based authentication. ‘kUseIAMRole’ indicates a role based authentication, used only for AWS CE.

ca_certificate (string): Specify the ca certificate path. cmk_alias (string): The string alias of the CMK. cmk_arn (string): The Amazon Resource Number of AWS Customer Managed


cmk_key_id (string): AWS keyId, and alias.

Only need one of them to connect AWS. Alias is better, because keyId maybe rotated by AWS. The unique key id of the CMK.

iam_role_arn (string): Specifies the IAM role which will be used to

access the security credentials required for API calls.

region (string): AWS region, e.g. us-east-1, us-west-2, for the AWS

Glacier service to be used to authenticate resources within this region by the configured AWS account.

secret_access_key (string): Secret access key needed to access the

cloud account. This is encrypted with the cluster id.

verify_ssl (bool): Specify whether to verify SSL when connect with

AWS KMS. Default is true.

classmethod from_dictionary(dictionary)[source]

Creates an instance of this model from a dictionary


dictionary (dictionary): A dictionary representation of the object as obtained from the deserialization of the server’s response. The keys MUST match property names in the API description.


object: An instance of this structure class.