java.lang.Object
- software.amazon.awssdk.services.ecr.model.EncryptionConfiguration

All Implemented Interfaces:

Serializable, SdkPojo, ToCopyableBuilder<EncryptionConfiguration.Builder,EncryptionConfiguration>
```
@Generated("software.amazon.awssdk:codegen")
public final class EncryptionConfiguration
extends Object
implements SdkPojo, Serializable, ToCopyableBuilder<EncryptionConfiguration.Builder,EncryptionConfiguration>
```
The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest.

By default, when no encryption configuration is set or the AES256 encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES256 encryption algorithm. This does not require any action on your part.

For more control over the encryption of the contents of your repository, you can use server-side encryption with Key Management Service key stored in Key Management Service (KMS) to encrypt your images. For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide.

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static interface EncryptionConfiguration.Builder

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`static EncryptionConfiguration.Builder`	`builder()`
`EncryptionType`	`encryptionType()`	The encryption type to use.
`String`	`encryptionTypeAsString()`	The encryption type to use.
`boolean`	`equals(Object obj)`
`boolean`	`equalsBySdkFields(Object obj)`
`<T> Optional<T>`	`getValueForField(String fieldName, Class<T> clazz)`
`int`	`hashCode()`
`String`	`kmsKey()`	If you use the `KMS` encryption type, specify the KMS key to use for encryption.
`Map<String,SdkField<?>>`	`sdkFieldNameToField()`
`List<SdkField<?>>`	`sdkFields()`
`static Class<? extends EncryptionConfiguration.Builder>`	`serializableBuilderClass()`
`EncryptionConfiguration.Builder`	`toBuilder()`
`String`	`toString()`	Returns a string representation of this object.

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy

- Method Detail
  - encryptionType
```
public final EncryptionType encryptionType()
```
    The encryption type to use.
    
    If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.
    
    If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the KMS encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created.
    
    If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
    
    For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide.
    
    If the service returns an enum value that is not available in the current SDK version, encryptionType will return EncryptionType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from encryptionTypeAsString().
    
    Returns:
    
    The encryption type to use.
    
    If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.
    
    If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the KMS encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created.
    
    If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
    
    For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide.
    
    See Also:
    
    EncryptionType
  - encryptionTypeAsString
```
public final String encryptionTypeAsString()
```
    The encryption type to use.
    
    If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.
    
    If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the KMS encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created.
    
    If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
    
    For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide.
    
    If the service returns an enum value that is not available in the current SDK version, encryptionType will return EncryptionType.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from encryptionTypeAsString().
    
    Returns:
    
    The encryption type to use.
    
    If you use the KMS encryption type, the contents of the repository will be encrypted using server-side encryption with Key Management Service key stored in KMS. When you use KMS to encrypt your data, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you already created.
    
    If you use the KMS_DSSE encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the KMS encryption type, you can either use the default Amazon Web Services managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created.
    
    If you use the AES256 encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm.
    
    For more information, see Amazon ECR encryption at rest in the Amazon Elastic Container Registry User Guide.
    
    See Also:
    
    EncryptionType
  - kmsKey
```
public final String kmsKey()
```
    If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR will be used.
    
    Returns:
    
    If you use the KMS encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default Amazon Web Services managed KMS key for Amazon ECR will be used.
  - toBuilder
```
public EncryptionConfiguration.Builder toBuilder()
```
    Specified by:
    
    toBuilder in interface ToCopyableBuilder<EncryptionConfiguration.Builder,EncryptionConfiguration>
  - builder
```
public static EncryptionConfiguration.Builder builder()
```
  - serializableBuilderClass
```
public static Class<? extends EncryptionConfiguration.Builder> serializableBuilderClass()
```
  - hashCode
```
public final int hashCode()
```
    Overrides:
    
    hashCode in class Object
  - equals
```
public final boolean equals(Object obj)
```
    Overrides:
    
    equals in class Object
  - equalsBySdkFields
```
public final boolean equalsBySdkFields(Object obj)
```
    Specified by:
    
    equalsBySdkFields in interface SdkPojo
  - toString
```
public final String toString()
```
    Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
    
    Overrides:
    
    toString in class Object
  - getValueForField
```
public final <T> Optional<T> getValueForField(String fieldName,
                                              Class<T> clazz)
```
  - sdkFields
```
public final List<SdkField<?>> sdkFields()
```
    Specified by:
    
    sdkFields in interface SdkPojo
  - sdkFieldNameToField
```
public final Map<String,SdkField<?>> sdkFieldNameToField()
```
    Specified by:
    
    sdkFieldNameToField in interface SdkPojo

Class EncryptionConfiguration

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder

Method Detail

encryptionType

encryptionTypeAsString

kmsKey

toBuilder

builder

serializableBuilderClass

hashCode

equals

equalsBySdkFields

toString

getValueForField

sdkFields

sdkFieldNameToField