AWS::VerifiedPermissions::PolicyStore KmsEncryptionState - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.

AWS::VerifiedPermissions::PolicyStore KmsEncryptionState

A structure that contains the Amazon KMS encryption configuration for the policy store. The encryption state shows what customer-managed KMS key is being used to encrypt all resources within the policy store, and any user-defined context key-value pairs added during encryption processes.

This data type is used as a field that is part of the EncryptionState type.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "EncryptionContext" : {Key: Value, ...},
  "Key" : String
}

YAML

  EncryptionContext: 
    Key: Value
  Key: String

Properties

EncryptionContext

User-defined, additional context added to encryption processes.

Required: Yes

Type: Object of String

Pattern: ^.+$

Minimum: 1

Update requires: No interruption

Key

The customer-managed KMS key Amazon Resource Name (ARN) being used for encryption processes.

Required: Yes

Type: String

Pattern: ^[a-zA-Z0-9:/_-]+$

Update requires: No interruption