/AWS1/CL_FRH=>STOPDELIVERYSTREAMENCRYPTION()
¶
About StopDeliveryStreamEncryption¶
Disables server-side encryption (SSE) for the delivery stream.
This operation is asynchronous. It returns immediately. When you invoke it, Firehose first sets the encryption status of the stream to DISABLING
, and then
to DISABLED
. You can continue to read and write data to your stream while its
status is DISABLING
. It can take up to 5 seconds after the encryption status
changes to DISABLED
before all records written to the delivery stream are no
longer subject to encryption. To find out whether a record or a batch of records was
encrypted, check the response elements PutRecordOutput$Encrypted and
PutRecordBatchOutput$Encrypted, respectively.
To check the encryption state of a delivery stream, use DescribeDeliveryStream.
If SSE is enabled using a customer managed CMK and then you invoke
StopDeliveryStreamEncryption
, Firehose schedules the related
KMS grant for retirement and then retires it after it ensures that it is finished
delivering records to the destination.
The StartDeliveryStreamEncryption
and
StopDeliveryStreamEncryption
operations have a combined limit of 25 calls
per delivery stream per 24 hours. For example, you reach the limit if you call
StartDeliveryStreamEncryption
13 times and
StopDeliveryStreamEncryption
12 times for the same delivery stream in a
24-hour period.
Method Signature¶
IMPORTING¶
Required arguments:¶
IV_DELIVERYSTREAMNAME
TYPE /AWS1/FRHDELIVERYSTREAMNAME
/AWS1/FRHDELIVERYSTREAMNAME
¶
The name of the delivery stream for which you want to disable server-side encryption (SSE).