This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::VerifiedPermissions::PolicyStore KmsEncryptionSettings
A structure that contains the KMS encryption configuration for the policy store. The encryption settings determine what customer-managed KMS key will be used to encrypt all resources within the policy store, and any user-defined context key-value pairs to append during encryption processes.
This data type is used as a field that is part of the EncryptionSettings type.
Syntax
To declare this entity in your CloudFormation template, use the following syntax:
JSON
{ "EncryptionContext" :{, "Key" :Key:Value, ...}String}
YAML
EncryptionContext:Key:Key:ValueString
Properties
EncryptionContext-
User-defined, additional context to be added to encryption processes.
Required: No
Type: Object of String
Pattern:
^.+$Minimum:
1Update requires: No interruption
Key-
The customer-managed KMS key Amazon Resource Name (ARN), alias or ID to be used for encryption processes.
Users can provide the full KMS key ARN, a KMS key alias, or a KMS key ID, but it will be mapped to the full KMS key ARN after policy store creation, and referenced when encrypting child resources.
Required: Yes
Type: String
Pattern:
^[a-zA-Z0-9:/_-]+$Update requires: No interruption
