AWS::KinesisFirehose::DeliveryStream KMSEncryptionConfig
The KMSEncryptionConfig
property type specifies the AWS
Key Management Service (AWS KMS) encryption key that Amazon Simple Storage
Service (Amazon S3) uses to encrypt data delivered by the Amazon Kinesis Data Firehose
(Kinesis Data Firehose) stream.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "AWSKMSKeyARN" :
String
}
YAML
AWSKMSKeyARN:
String
Properties
AWSKMSKeyARN
-
The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.
Required: Yes
Type: String
Pattern:
arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:(key|alias)/[a-zA-Z_0-9+=,.@\-_/]+
Minimum:
1
Maximum:
512
Update requires: Replacement