AWS::KinesisFirehose::DeliveryStream KMSEncryptionConfig - AWS CloudFormation

AWS::KinesisFirehose::DeliveryStream KMSEncryptionConfig

The KMSEncryptionConfig property type specifies the AWS Key Management Service (AWS KMS) encryption key that Amazon Simple Storage Service (Amazon S3) uses to encrypt data delivered by the Amazon Kinesis Data Firehose (Kinesis Data Firehose) stream.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "AWSKMSKeyARN" : String }

YAML

AWSKMSKeyARN: String

Properties

AWSKMSKeyARN

The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.

Required: Yes

Type: String

Pattern: arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:(key|alias)/[a-zA-Z_0-9+=,.@\-_/]+

Minimum: 1

Maximum: 512

Update requires: Replacement