StreamEncryption

class aws_cdk.aws_kinesisfirehose.StreamEncryption(value)

Bases: Enum

(experimental) Options for server-side encryption of a delivery stream.

Stability:

experimental

ExampleMetadata:

infused

Example:

# destination: firehose.IDestination
# SSE with an customer-managed CMK that is explicitly specified
# key: kms.Key


# SSE with an AWS-owned CMK
firehose.DeliveryStream(self, "Delivery Stream AWS Owned",
    encryption=firehose.StreamEncryption.AWS_OWNED,
    destinations=[destination]
)
# SSE with an customer-managed CMK that is created automatically by the CDK
firehose.DeliveryStream(self, "Delivery Stream Implicit Customer Managed",
    encryption=firehose.StreamEncryption.CUSTOMER_MANAGED,
    destinations=[destination]
)
firehose.DeliveryStream(self, "Delivery Stream Explicit Customer Managed",
    encryption_key=key,
    destinations=[destination]
)

Attributes

AWS_OWNED

(experimental) Data in the stream is stored encrypted by a KMS key owned by AWS and managed for use in multiple AWS accounts.

Stability:

experimental

CUSTOMER_MANAGED

(experimental) Data in the stream is stored encrypted by a KMS key managed by the customer.

Stability:

experimental

UNENCRYPTED

(experimental) Data in the stream is stored unencrypted.

Stability:

experimental