create_field_level_encryption_profile

CloudFront.Client.create_field_level_encryption_profile(**kwargs)

Create a field-level encryption profile.

See also: AWS API Documentation

Request Syntax

response = client.create_field_level_encryption_profile(
    FieldLevelEncryptionProfileConfig={
        'Name': 'string',
        'CallerReference': 'string',
        'Comment': 'string',
        'EncryptionEntities': {
            'Quantity': 123,
            'Items': [
                {
                    'PublicKeyId': 'string',
                    'ProviderId': 'string',
                    'FieldPatterns': {
                        'Quantity': 123,
                        'Items': [
                            'string',
                        ]
                    }
                },
            ]
        }
    }
)

Parameters:

FieldLevelEncryptionProfileConfig (dict) –

[REQUIRED]

The request to create a field-level encryption profile.

  • Name (string) – [REQUIRED]

    Profile name for the field-level encryption profile.

  • CallerReference (string) – [REQUIRED]

    A unique number that ensures that the request can’t be replayed.

  • Comment (string) –

    An optional comment for the field-level encryption profile. The comment cannot be longer than 128 characters.

  • EncryptionEntities (dict) – [REQUIRED]

    A complex data type of encryption entities for the field-level encryption profile that include the public key ID, provider, and field patterns for specifying which fields to encrypt with this key.

    • Quantity (integer) – [REQUIRED]

      Number of field pattern items in a field-level encryption content type-profile mapping.

    • Items (list) –

      An array of field patterns in a field-level encryption content type-profile mapping.

      • (dict) –

        Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications.

        • PublicKeyId (string) – [REQUIRED]

          The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

        • ProviderId (string) – [REQUIRED]

          The provider associated with the public key being used for encryption. This value must also be provided with the private key for applications to be able to decrypt data.

        • FieldPatterns (dict) – [REQUIRED]

          Field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted. You can provide the full field name, or any beginning characters followed by a wildcard (*). You can’t overlap field patterns. For example, you can’t have both ABC* and AB*. Note that field patterns are case-sensitive.

          • Quantity (integer) – [REQUIRED]

            The number of field-level encryption field patterns.

          • Items (list) –

            An array of the field-level encryption field patterns.

            • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'FieldLevelEncryptionProfile': {
        'Id': 'string',
        'LastModifiedTime': datetime(2015, 1, 1),
        'FieldLevelEncryptionProfileConfig': {
            'Name': 'string',
            'CallerReference': 'string',
            'Comment': 'string',
            'EncryptionEntities': {
                'Quantity': 123,
                'Items': [
                    {
                        'PublicKeyId': 'string',
                        'ProviderId': 'string',
                        'FieldPatterns': {
                            'Quantity': 123,
                            'Items': [
                                'string',
                            ]
                        }
                    },
                ]
            }
        }
    },
    'Location': 'string',
    'ETag': 'string'
}

Response Structure

  • (dict) –

    • FieldLevelEncryptionProfile (dict) –

      Returned when you create a new field-level encryption profile.

      • Id (string) –

        The ID for a field-level encryption profile configuration which includes a set of profiles that specify certain selected data fields to be encrypted by specific public keys.

      • LastModifiedTime (datetime) –

        The last time the field-level encryption profile was updated.

      • FieldLevelEncryptionProfileConfig (dict) –

        A complex data type that includes the profile name and the encryption entities for the field-level encryption profile.

        • Name (string) –

          Profile name for the field-level encryption profile.

        • CallerReference (string) –

          A unique number that ensures that the request can’t be replayed.

        • Comment (string) –

          An optional comment for the field-level encryption profile. The comment cannot be longer than 128 characters.

        • EncryptionEntities (dict) –

          A complex data type of encryption entities for the field-level encryption profile that include the public key ID, provider, and field patterns for specifying which fields to encrypt with this key.

          • Quantity (integer) –

            Number of field pattern items in a field-level encryption content type-profile mapping.

          • Items (list) –

            An array of field patterns in a field-level encryption content type-profile mapping.

            • (dict) –

              Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications.

              • PublicKeyId (string) –

                The public key associated with a set of field-level encryption patterns, to be used when encrypting the fields that match the patterns.

              • ProviderId (string) –

                The provider associated with the public key being used for encryption. This value must also be provided with the private key for applications to be able to decrypt data.

              • FieldPatterns (dict) –

                Field patterns in a field-level encryption content type profile specify the fields that you want to be encrypted. You can provide the full field name, or any beginning characters followed by a wildcard (*). You can’t overlap field patterns. For example, you can’t have both ABC* and AB*. Note that field patterns are case-sensitive.

                • Quantity (integer) –

                  The number of field-level encryption field patterns.

                • Items (list) –

                  An array of the field-level encryption field patterns.

                  • (string) –

    • Location (string) –

      The fully qualified URI of the new profile resource just created.

    • ETag (string) –

      The current version of the field-level encryption profile. For example: E2QWRUHAPOMQZL.

Exceptions

  • CloudFront.Client.exceptions.InconsistentQuantities

  • CloudFront.Client.exceptions.InvalidArgument

  • CloudFront.Client.exceptions.NoSuchPublicKey

  • CloudFront.Client.exceptions.FieldLevelEncryptionProfileAlreadyExists

  • CloudFront.Client.exceptions.FieldLevelEncryptionProfileSizeExceeded

  • CloudFront.Client.exceptions.TooManyFieldLevelEncryptionProfiles

  • CloudFront.Client.exceptions.TooManyFieldLevelEncryptionEncryptionEntities

  • CloudFront.Client.exceptions.TooManyFieldLevelEncryptionFieldPatterns
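
The FieldPatterns rules above (trailing wildcard only, no overlapping patterns, case-sensitive matching) and the 128-character Comment limit can be checked before the request is sent. The following is an added example, not part of the boto3 documentation: it builds a FieldLevelEncryptionProfileConfig and derives each Quantity from its Items so the two cannot disagree (a mismatch is what InconsistentQuantities reports). Assumptions: the helper names, the sample key ID, provider and field names are hypothetical; overlap is checked across the whole profile and a literal name covered by a wildcard is treated as an overlap, which is a conservative reading of the rule; a UUID is used as the unique CallerReference.

```python
import uuid

def patterns_overlap(a: str, b: str) -> bool:
    """True if two field patterns could match the same field name (case-sensitive)."""
    a_wild, b_wild = a.endswith("*"), b.endswith("*")
    a_base = a[:-1] if a_wild else a
    b_base = b[:-1] if b_wild else b
    if a_wild and b_wild:
        return a_base.startswith(b_base) or b_base.startswith(a_base)
    if a_wild:
        return b_base.startswith(a_base)
    if b_wild:
        return a_base.startswith(b_base)
    return a_base == b_base

def build_profile_config(name, entities, comment=""):
    """entities: list of (public_key_id, provider_id, [field patterns])."""
    if len(comment) > 128:
        raise ValueError("Comment cannot be longer than 128 characters")
    seen = []  # patterns accepted so far, across all entities (assumed scope)
    items = []
    for public_key_id, provider_id, patterns in entities:
        for p in patterns:
            if "*" in p[:-1]:
                raise ValueError(f"wildcard only allowed at the end: {p!r}")
            clash = next((q for q in seen if patterns_overlap(p, q)), None)
            if clash is not None:
                raise ValueError(f"field patterns overlap: {p!r} and {clash!r}")
            seen.append(p)
        items.append({
            "PublicKeyId": public_key_id,
            "ProviderId": provider_id,
            # Quantity is derived from Items, never typed by hand
            "FieldPatterns": {"Quantity": len(patterns), "Items": list(patterns)},
        })
    return {
        "Name": name,
        "CallerReference": str(uuid.uuid4()),  # assumed scheme: any unique string
        "Comment": comment,
        "EncryptionEntities": {"Quantity": len(items), "Items": items},
    }

# Constructed sample values; the key ID and provider name are placeholders.
config = build_profile_config(
    "checkout-pii",
    [("K_EXAMPLE_PUBLIC_KEY_ID", "example-provider", ["CardNumber", "Cvv*"])],
    comment="Encrypt card fields at the edge",
)
# With a boto3 CloudFront client:
# client.create_field_level_encryption_profile(FieldLevelEncryptionProfileConfig=config)
```

Because patterns are case-sensitive, a form that posts `cardnumber` is not covered by the `CardNumber` pattern and that field would pass through unencrypted, so pattern names should be compared against the field names the origin actually receives.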