AWS::HealthLake::FHIRDatastore KmsEncryptionConfig - AWS CloudFormation

AWS::HealthLake::FHIRDatastore KmsEncryptionConfig

The customer-managed-key(CMK) used when creating a Data Store. If a customer owned key is not specified, an Amazon owned key will be used for encryption.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "CmkType" : String, "KmsKeyId" : String }

YAML

CmkType: String KmsKeyId: String

Properties

CmkType

The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see KmsEncryptionConfig.

Required: Yes

Type: String

Allowed values: CUSTOMER_MANAGED_KMS_KEY | AWS_OWNED_KMS_KEY

Update requires: Replacement

KmsKeyId

The KMS encryption key id/alias used to encrypt the data store contents at rest.

Required: No

Type: String

Pattern: (arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:kms:)?([a-z]{2}-[a-z]+(-[a-z]+)?-\d:)?(\d{12}:)?(((key/)?[a-zA-Z0-9-_]+)|(alias/[a-zA-Z0-9:/_-]+))

Minimum: 1

Maximum: 400

Update requires: Replacement