AWS::Forecast::Dataset EncryptionConfig

An AWS Key Management Service (KMS) key and an AWS Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key. You can specify this optional object in the CreateDataset and CreatePredictor requests.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "KmsKeyArn" : String, "RoleArn" : String }

YAML

KmsKeyArn: String RoleArn: String

Properties

KmsKeyArn

The Amazon Resource Name (ARN) of the KMS key.

Required: No

Type: String

Maximum: 256

Pattern: arn:aws:kms:.*:key/.*

Update requires: No interruption

RoleArn

The ARN of the IAM role that Amazon Forecast can assume to access the AWS KMS key.

Passing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an InvalidInputException error.

Required: No

Type: String

Maximum: 256

Pattern: arn:([a-z\d-]+):forecast:.*:.*:.+

Update requires: No interruption