AWS::Synthetics::Canary S3Encryption - AWS CloudFormation
SyntaxProperties
Services or capabilities described in AWS documentation might vary by Region. To see the differences applicable to the AWS European Sovereign Cloud Region, see the AWS European Sovereign Cloud User Guide.

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::Synthetics::Canary S3Encryption

A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see Encrypting canary artifacts.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "EncryptionMode" : String,
  "KmsKeyArn" : String
}

YAML

  EncryptionMode: String
  KmsKeyArn: String

Properties

EncryptionMode

The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed AWS KMS key.

If you omit this parameter, an AWS-managed AWS KMS key is used.

Required: No

Type: String

Update requires: No interruption

KmsKeyArn

The ARN of the customer-managed AWS KMS key to use, if you specify SSE-KMS for EncryptionMode

Required: No

Type: String

Update requires: No interruption