AWS::KinesisFirehose::DeliveryStream KMSEncryptionConfig - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::KinesisFirehose::DeliveryStream KMSEncryptionConfig

The KMSEncryptionConfig property type specifies the AWS Key Management Service (AWS KMS) encryption key that Amazon Simple Storage Service (Amazon S3) uses to encrypt data delivered by the Amazon Kinesis Data Firehose (Kinesis Data Firehose) stream.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "AWSKMSKeyARN" : String
}

YAML

  AWSKMSKeyARN: String

Properties

AWSKMSKeyARN

The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket.

Required: Yes

Type: String

Pattern: arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:key/[a-zA-Z_0-9+=,.@\-_/]+

Minimum: 1

Maximum: 512

Update requires: No interruption