DeliveryStreamEncryptionConfiguration
Contains information about the server-side encryption (SSE) status for the delivery
stream, the type customer master key (CMK) in use, if any, and the ARN of the CMK. You can
get DeliveryStreamEncryptionConfiguration
by invoking the DescribeDeliveryStream operation.
Contents
- FailureDescription
-
Provides details in case one of the following operations fails due to an error related to KMS: CreateDeliveryStream, DeleteDeliveryStream, StartDeliveryStreamEncryption, StopDeliveryStreamEncryption.
Type: FailureDescription object
Required: No
- KeyARN
-
If
KeyType
isCUSTOMER_MANAGED_CMK
, this field contains the ARN of the customer managed CMK. IfKeyType
isAmazon_OWNED_CMK
,DeliveryStreamEncryptionConfiguration
doesn't contain a value forKeyARN
.Type: String
Length Constraints: Minimum length of 1. Maximum length of 512.
Pattern:
arn:.*:kms:[a-zA-Z0-9\-]+:\d{12}:(key|alias)/[a-zA-Z_0-9+=,.@\-_/]+
Required: No
- KeyType
-
Indicates the type of customer master key (CMK) that is used for encryption. The default setting is
Amazon_OWNED_CMK
. For more information about CMKs, see Customer Master Keys (CMKs).Type: String
Valid Values:
AWS_OWNED_CMK | CUSTOMER_MANAGED_CMK
Required: No
- Status
-
This is the server-side encryption (SSE) status for the Firehose stream. For a full description of the different values of this status, see StartDeliveryStreamEncryption and StopDeliveryStreamEncryption. If this status is
ENABLING_FAILED
orDISABLING_FAILED
, it is the status of the most recent attempt to enable or disable SSE, respectively.Type: String
Valid Values:
ENABLED | ENABLING | ENABLING_FAILED | DISABLED | DISABLING | DISABLING_FAILED
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: