AWS::Wisdom::Assistant ServerSideEncryptionConfiguration - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::Wisdom::Assistant ServerSideEncryptionConfiguration

The configuration information for the customer managed key used for encryption.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "KmsKeyId" : String }


KmsKeyId: String



The customer managed key used for encryption. The customer managed key must have a policy that allows kms:CreateGrant and kms:DescribeKey permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow kms:Decrypt, kms:GenerateDataKey*, and kms:DescribeKey permissions to the service principal. For more information about setting up a customer managed key for Wisdom, see Enable Amazon Connect Wisdom for your instance. For information about valid ID values, see Key identifiers (KeyId) in the Amazon Key Management Service Developer Guide.

Required: No

Type: String

Minimum: 1

Maximum: 4096

Update requires: Replacement