aws-cdk-lib.aws_sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty

interface OnlineStoreSecurityConfigProperty

LanguageType name
.NETAmazon.CDK.AWS.Sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awssagemaker#CfnFeatureGroup_OnlineStoreSecurityConfigProperty
Javasoftware.amazon.awscdk.services.sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty
Pythonaws_cdk.aws_sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty
TypeScript aws-cdk-lib » aws_sagemaker » CfnFeatureGroup » OnlineStoreSecurityConfigProperty

The security configuration for OnlineStore .

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_sagemaker as sagemaker } from 'aws-cdk-lib';
const onlineStoreSecurityConfigProperty: sagemaker.CfnFeatureGroup.OnlineStoreSecurityConfigProperty = {
  kmsKeyId: 'kmsKeyId',
};

Properties

NameTypeDescription
kmsKeyId?stringThe AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.

kmsKeyId?

Type: string (optional)

The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.

The caller (either user or IAM role) of CreateFeatureGroup must have below permissions to the OnlineStore KmsKeyId :

  • "kms:Encrypt"
  • "kms:Decrypt"
  • "kms:DescribeKey"
  • "kms:CreateGrant"
  • "kms:RetireGrant"
  • "kms:ReEncryptFrom"
  • "kms:ReEncryptTo"
  • "kms:GenerateDataKey"
  • "kms:ListAliases"
  • "kms:ListGrants"
  • "kms:RevokeGrant"

The caller (either user or IAM role) to all DataPlane operations ( PutRecord , GetRecord , DeleteRecord ) must have the following permissions to the KmsKeyId :

  • "kms:Decrypt"