AWS::MWAAServerless::Workflow EncryptionConfiguration - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::MWAAServerless::Workflow EncryptionConfiguration

Configuration for encrypting workflow data at rest and in transit. Amazon Managed Workflows for Apache Airflow Serverless provides comprehensive encryption capabilities to protect sensitive workflow data, parameters, and execution logs. When using customer-managed keys, the service integrates with AmazonAmazon KMS to provide fine-grained access control and audit capabilities. Encryption is applied consistently across the distributed execution environment including task containers, metadata storage, and log streams.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "KmsKeyId" : String,
  "Type" : String
}

YAML

  KmsKeyId: String
  Type: String

Properties

KmsKeyId

The ID or ARN of the Amazon KMS key to use for encryption. Required when Type is CUSTOMER_MANAGED_KEY.

Required: No

Type: String

Update requires: Replacement

Type

The type of encryption to use. Values are AWS_MANAGED_KEY (Amazon manages the encryption key) or CUSTOMER_MANAGED_KEY (you provide a KMS key).

Required: Yes

Type: String

Allowed values: AWS_MANAGED_KEY | CUSTOMER_MANAGED_KEY

Update requires: Replacement