Readonly
deploymentTo control target environments (AWS Account and Region) for the given useCMK
setting, you may optionally specify deployment targets.
Leaving deploymentTargets
undefined will apply useCMK
setting to all accounts and enabled regions.
Readonly
useCMKFlag indicates whether Accelerator deployed AWS Service will use AWS KMS CMK for encryption or Service managed KMS.
When set to true
, the solution will create AWS KMS CMK which will be used by the service for encryption. Example, when flag set to true
for AWS Lambda service, the solution will create AWS KMS CMK to encrypt lambda function environment variables, otherwise AWS managed key will be used for environment variables encryption.
false
Generated using TypeDoc
GlobalConfig / ServiceEncryptionConfig
AWS service encryption configuration settings
Example