interface OnlineStoreSecurityConfigProperty
This page is available in another version. Click here for the v2 documentation.
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty |
 Java | software.amazon.awscdk.services.sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty |
 Python | aws_cdk.aws_sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty |
 TypeScript | @aws-cdk/aws-sagemaker » CfnFeatureGroup » OnlineStoreSecurityConfigProperty |
The security configuration for OnlineStore .
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as sagemaker from '@aws-cdk/aws-sagemaker';
const onlineStoreSecurityConfigProperty: sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty = {
kmsKeyId: 'kmsKeyId',
};
Properties
| Name | Type | Description |
|---|---|---|
| kms | string | The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption. |
kmsKeyId?
Type:
string
(optional)
The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.
The caller (either user or IAM role) of CreateFeatureGroup must have below permissions to the OnlineStore KmsKeyId :
"kms:Encrypt""kms:Decrypt""kms:DescribeKey""kms:CreateGrant""kms:RetireGrant""kms:ReEncryptFrom""kms:ReEncryptTo""kms:GenerateDataKey""kms:ListAliases""kms:ListGrants""kms:RevokeGrant"
The caller (either user or IAM role) to all DataPlane operations ( PutRecord , GetRecord , DeleteRecord ) must have the following permissions to the KmsKeyId :
"kms:Decrypt"