:doc:`IoT <../../iot>` / Client / update_encryption_configuration

*******************************
update_encryption_configuration
*******************************



.. py:method:: IoT.Client.update_encryption_configuration(**kwargs)

  

  Updates the encryption configuration. By default, Amazon Web Services IoT Core encrypts your data at rest using Amazon Web Services owned keys. Amazon Web Services IoT Core also supports symmetric customer managed keys from Key Management Service (KMS). With customer managed keys, you create, own, and manage the KMS keys in your Amazon Web Services account.

   

  Before using this API, you must set up permissions for Amazon Web Services IoT Core to access KMS. For more information, see `Data encryption at rest <https://docs.aws.amazon.com/iot/latest/developerguide/encryption-at-rest.html>`__ in the *Amazon Web Services IoT Core Developer Guide*.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/UpdateEncryptionConfiguration>`_  


  **Request Syntax**
  ::

    response = client.update_encryption_configuration(
        encryptionType='CUSTOMER_MANAGED_KMS_KEY'|'AWS_OWNED_KMS_KEY',
        kmsKeyArn='string',
        kmsAccessRoleArn='string'
    )
    
  :type encryptionType: string
  :param encryptionType: **[REQUIRED]** 

    The type of the KMS key.

    

  
  :type kmsKeyArn: string
  :param kmsKeyArn: 

    The ARN of the customer managedKMS key.

    

  
  :type kmsAccessRoleArn: string
  :param kmsAccessRoleArn: 

    The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on behalf of the customer.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {}
      
    **Response Structure**

    

    - *(dict) --* 
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.UnauthorizedException`

  
  *   :py:class:`IoT.Client.exceptions.ServiceUnavailableException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  