redshift-serverless-namespace-cmk-encryption - Amazon Config
Amazon CloudFormation template
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

redshift-serverless-namespace-cmk-encryption

Checks if Amazon Redshift Serverless namespaces are encrypted by customer managed Amazon KMS keys. The rule is NON_COMPLIANT if a namespace is not encrypted by a customer managed key. Optionally, you can specify a list of KMS keys for rule to check.

Identifier: REDSHIFT_SERVERLESS_NAMESPACE_CMK_ENCRYPTION

Resource Types: AWS::RedshiftServerless::Namespace

Trigger type: Periodic

Amazon Web Services Region: All supported Amazon regions except Middle East (Bahrain), Asia Pacific (Thailand), Africa (Cape Town), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Malaysia), Asia Pacific (Melbourne), Europe (Milan), Mexico (Central), Canada West (Calgary) Region

Parameters:

kmsKeyArns (Optional)
Type: CSV

Comma-separated list of Amazon Resource Names (ARNs) of customer managed keys for the rule to check. If provided, the rule is NON_COMPLIANT if an Amazon Redshift Serverless namespace is not encrypted with one of these KMS keys.

Amazon CloudFormation template

To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.