AWS::HealthLake::FHIRDatastore KmsEncryptionConfig - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China.

AWS::HealthLake::FHIRDatastore KmsEncryptionConfig

The customer-managed-key(CMK) used when creating a Data Store. If a customer owned key is not specified, an Amazon owned key will be used for encryption.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "CmkType" : String, "KmsKeyId" : String }


CmkType: String KmsKeyId: String



The type of customer-managed-key(CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and Amazon owned CMKs. For more information on CMK types, see KmsEncryptionConfig.

Required: Yes

Type: String

Update requires: Replacement


The KMS encryption key id/alias used to encrypt the Data Store contents at rest.

Required: No

Type: String

Minimum: 1

Maximum: 400

Pattern: (arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:kms:)?([a-z]{2}-[a-z]+(-[a-z]+)?-\d:)?(\d{12}:)?(((key/)?[a-zA-Z0-9-_]+)|(alias/[a-zA-Z0-9:/_-]+))

Update requires: Replacement