This is the new Amazon CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the Amazon CloudFormation User Guide.
AWS::S3Vectors::Index EncryptionConfiguration
The encryption configuration for a vector bucket or index. By default, if you don't specify, all
new vectors in Amazon S3 vector buckets use server-side encryption with Amazon S3 managed
keys (SSE-S3), specifically AES256. You can optionally override bucket level encryption settings, and set a specific encryption configuration for a vector index at the time of index creation.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
Properties
KmsKeyArn-
Amazon Key Management Service (KMS) customer managed key ID to use for the encryption configuration. This parameter is allowed if and only if
sseTypeis set toaws:kms.To specify the KMS key, you must use the format of the KMS key Amazon Resource Name (ARN).
For example, specify Key ARN in the following format:
arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890abRequired: No
Type: String
Pattern:
^(arn:aws[-a-z0-9]*:kms:[-a-z0-9]*:[0-9]{12}:key/.+)$Minimum:
1Maximum:
2048Update requires: Replacement
SseType-
The server-side encryption type to use for the encryption configuration of the vector bucket. By default, if you don't specify, all new vectors in Amazon S3 vector buckets use server-side encryption with Amazon S3 managed keys (SSE-S3), specifically
AES256.Required: No
Type: String
Allowed values:
AES256 | aws:kmsUpdate requires: Replacement