IoT / Client / describe_encryption_configuration
describe_encryption_configuration¶
- IoT.Client.describe_encryption_configuration()¶
Retrieves the encryption configuration for resources and data of your Amazon Web Services account in Amazon Web Services IoT Core. For more information, see Key management in IoT from the Amazon Web Services IoT Core Developer Guide.
See also: AWS API Documentation
Request Syntax
response = client.describe_encryption_configuration()
- Return type:
dict
- Returns:
Response Syntax
{ 'encryptionType': 'CUSTOMER_MANAGED_KMS_KEY'|'AWS_OWNED_KMS_KEY', 'kmsKeyArn': 'string', 'kmsAccessRoleArn': 'string', 'configurationDetails': { 'configurationStatus': 'HEALTHY'|'UNHEALTHY', 'errorCode': 'string', 'errorMessage': 'string' }, 'lastModifiedDate': datetime(2015, 1, 1) }
Response Structure
(dict) –
encryptionType (string) –
The type of the Amazon Web Services Key Management Service (KMS) key.
kmsKeyArn (string) –
The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on behalf of the customer.
kmsAccessRoleArn (string) –
The ARN of the customer-managed KMS key.
configurationDetails (dict) –
The encryption configuration details that include the status information of the KMS key and the KMS access role.
configurationStatus (string) –
The health status of KMS key and KMS access role. If either KMS key or KMS access role is
UNHEALTHY, the return value will beUNHEALTHY. To use a customer-managed KMS key, the value ofconfigurationStatusmust beHEALTHY.errorCode (string) –
The error code that indicates either the KMS key or the KMS access role is
UNHEALTHY. Valid values:KMS_KEY_VALIDATION_ERRORandROLE_VALIDATION_ERROR.errorMessage (string) –
The detailed error message that corresponds to the
errorCode.
lastModifiedDate (datetime) –
The date when encryption configuration is last updated.
Exceptions