AWS::HealthLake::FHIRDatastore KmsEncryptionConfig - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::HealthLake::FHIRDatastore KmsEncryptionConfig

The customer-managed-key(CMK) used when creating a Data Store. If a customer owned key is not specified, an Amazon owned key will be used for encryption.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "CmkType" : String,
  "KmsKeyId" : String
}

YAML

  CmkType: String
  KmsKeyId: String

Properties

CmkType

The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see KmsEncryptionConfig.

Required: Yes

Type: String

Allowed values: CUSTOMER_MANAGED_KMS_KEY | AWS_OWNED_KMS_KEY

Update requires: Replacement

KmsKeyId

The Key Management Service (KMS) encryption key id/alias used to encrypt the data store contents at rest.

Required: No

Type: String

Pattern: (arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:kms:)?([a-z]{2}-[a-z]+(-[a-z]+)?-\d:)?(\d{12}:)?(((key/)?[a-zA-Z0-9-_]+)|(alias/[a-zA-Z0-9:/_-]+))

Minimum: 1

Maximum: 400

Update requires: Replacement