kmsKeyIdentifier
The identifier of the KMS customer managed key for EventBridge to use, if you choose to use a customer managed key to encrypt events on this event bus. The identifier can be the key Amazon Resource Name (ARN), KeyId, key alias, or key alias ARN.
If you do not specify a customer managed key identifier, EventBridge uses an Amazon Web Services owned key to encrypt events on the event bus.
For more information, see Identify and view keys in the Key Management Service Developer Guide.
Schema discovery is not supported for event buses encrypted using a customer managed key. EventBridge returns an error if:
You call <a href="http://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discoverers.html#CreateDiscoverer">CreateDiscoverer</a> on an event bus set to use a customer managed key for encryption.
You call <a href="http://docs.aws.amazon.com/eventbridge/latest/APIReference/API_UpdatedEventBus.html">UpdatedEventBus</a> to set a customer managed key on an event bus with schema discovery enabled.
To enable schema discovery on an event bus, choose to use an Amazon Web Services owned key. For more information, see Encrypting events in the Amazon EventBridge User Guide.
If you have specified that EventBridge use a customer managed key to encrypt the source event bus, we strongly recommend that you also specify a customer managed key for any archives for that event bus.
For more information, see Encrypting archives in the Amazon EventBridge User Guide.
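The following pre-deployment check is an added example, not part of the AWS documentation or any AWS SDK. It classifies a kmsKeyIdentifier value into the four accepted forms and flags the two conditions described above: a customer managed key on a bus with schema discovery enabled, and archives without a customer managed key. The dict keys, the simplified patterns and the sample inventory are assumptions made for illustration.

```python
import re

# The four identifier forms the parameter accepts (key ARN, KeyId, alias, alias ARN).
# Patterns are simplified assumptions for illustration: UUID-style key IDs only
# (multi-Region "mrk-" key IDs are not covered).
_KEY_ID = r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
_ARN = r"arn:aws[a-z-]*:kms:[a-z0-9-]+:\d{12}:"
_FORMS = [
    ("key_arn", re.compile(rf"^{_ARN}key/{_KEY_ID}$")),
    ("alias_arn", re.compile(rf"^{_ARN}alias/[A-Za-z0-9/_-]+$")),
    ("key_id", re.compile(rf"^{_KEY_ID}$")),
    ("alias", re.compile(r"^alias/[A-Za-z0-9/_-]+$")),
]

def classify_key_identifier(value):
    """Return the identifier form, 'aws_owned' when unset, or 'invalid'."""
    if not value:
        return "aws_owned"  # no identifier: EventBridge uses an AWS owned key
    for name, pattern in _FORMS:
        if pattern.match(value):
            return name
    return "invalid"

def audit_bus(bus):
    """Check one bus record (hypothetical dict shape) against the rules above."""
    findings = []
    form = classify_key_identifier(bus.get("kms_key_identifier"))
    if form == "invalid":
        findings.append("kmsKeyIdentifier is not a key ARN, KeyId, alias, or alias ARN")
    elif form != "aws_owned":
        if bus.get("schema_discovery_enabled"):
            findings.append("customer managed key conflicts with schema discovery")
        for archive in bus.get("archives", []):
            if classify_key_identifier(archive.get("kms_key_identifier")) == "aws_owned":
                findings.append(f"archive {archive['name']} lacks a customer managed key")
    return findings

# Constructed sample inventory (account ID, key ID and names are made up).
SAMPLE_BUSES = [
    {"name": "orders", "kms_key_identifier": "alias/orders-bus",
     "schema_discovery_enabled": True, "archives": []},
    {"name": "audit",
     "kms_key_identifier": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
     "schema_discovery_enabled": False,
     "archives": [{"name": "audit-archive", "kms_key_identifier": None}]},
    {"name": "default", "kms_key_identifier": None,
     "schema_discovery_enabled": True, "archives": []},
]

if __name__ == "__main__":
    for bus in SAMPLE_BUSES:
        print(bus["name"], audit_bus(bus) or "ok")
```

In practice the records would be filled from your own inventory of event buses, discoverers and archives before a change that sets kmsKeyIdentifier is applied.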