AWS::Synthetics::Canary S3Encryption

A structure that contains the configuration of the encryption-at-rest settings for artifacts that the canary uploads to Amazon S3. Artifact encryption functionality is available only for canaries that use Synthetics runtime version syn-nodejs-puppeteer-3.3 or later. For more information, see Encrypting canary artifacts.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "EncryptionMode" : String,
  "KmsKeyArn" : String
}

YAML


  EncryptionMode: String
  KmsKeyArn: String

Properties

EncryptionMode

The encryption method to use for artifacts created by this canary. Specify SSE_S3 to use server-side encryption (SSE) with an Amazon S3-managed key. Specify SSE-KMS to use server-side encryption with a customer-managed AWS KMS key.

If you omit this parameter, an AWS-managed AWS KMS key is used.

Required: No

Type: String

Update requires: No interruption

KmsKeyArn

The ARN of the customer-managed AWS KMS key to use, if you specify SSE-KMS for EncryptionMode

Required: No

Type: String

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

RunConfig

Schedule