This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::S3Tables::TableBucket EncryptionConfiguration
Configuration specifying how data should be encrypted. This structure defines the encryption algorithm and optional KMS key to be used for server-side encryption.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "KMSKeyArn" :String, "SSEAlgorithm" :String}
YAML
KMSKeyArn:StringSSEAlgorithm:String
Properties
KMSKeyArn-
The Amazon Resource Name (ARN) of the KMS key to use for encryption. This field is required only when
sseAlgorithmis set toaws:kms.Required: No
Type: String
Pattern:
(arn:aws[-a-z0-9]*:kms:[-a-z0-9]*:[0-9]{12}:key/.+)Minimum:
1Maximum:
2048Update requires: No interruption
SSEAlgorithm-
The server-side encryption algorithm to use. Valid values are
AES256for S3-managed encryption keys, oraws:kmsfor AWS KMS-managed encryption keys. If you choose SSE-KMS encryption you must grant the S3 Tables maintenance principal access to your KMS key. For more information, see Permissions requirements for S3 Tables SSE-KMS encryption.Required: No
Type: String
Allowed values:
AES256 | aws:kmsUpdate requires: No interruption
