Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.SageMaker.Types.OnlineStoreSecurityConfig

Description

Synopsis

data OnlineStoreSecurityConfig = OnlineStoreSecurityConfig' {
- kmsKeyId :: Maybe Text
}
newOnlineStoreSecurityConfig :: OnlineStoreSecurityConfig
onlineStoreSecurityConfig_kmsKeyId :: Lens' OnlineStoreSecurityConfig (Maybe Text)

Documentation

data OnlineStoreSecurityConfig Source #

The security configuration for OnlineStore.

See: newOnlineStoreSecurityConfig smart constructor.

Constructors

OnlineStoreSecurityConfig'

Fields

kmsKeyId :: Maybe Text
The ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.
The caller (either IAM user or IAM role) of CreateFeatureGroup must have below permissions to the OnlineStore KmsKeyId:
- ```
"kms:Encrypt"
```
- ```
"kms:Decrypt"
```
- ```
"kms:DescribeKey"
```
- ```
"kms:CreateGrant"
```
- ```
"kms:RetireGrant"
```
- ```
"kms:ReEncryptFrom"
```
- ```
"kms:ReEncryptTo"
```
- ```
"kms:GenerateDataKey"
```
- ```
"kms:ListAliases"
```
- ```
"kms:ListGrants"
```
- ```
"kms:RevokeGrant"
```
The caller (either IAM user or IAM role) to all DataPlane operations (PutRecord, GetRecord, DeleteRecord) must have the following permissions to the KmsKeyId:
- ```
"kms:Decrypt"
```

Instances

Instances details

FromJSON OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods parseJSON :: Value -> Parser OnlineStoreSecurityConfig # parseJSONList :: Value -> Parser [OnlineStoreSecurityConfig] #
ToJSON OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods toJSON :: OnlineStoreSecurityConfig -> Value # toEncoding :: OnlineStoreSecurityConfig -> Encoding # toJSONList :: [OnlineStoreSecurityConfig] -> Value # toEncodingList :: [OnlineStoreSecurityConfig] -> Encoding #
Generic OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Associated Types type Rep OnlineStoreSecurityConfig :: Type -> Type # Methods from :: OnlineStoreSecurityConfig -> Rep OnlineStoreSecurityConfig x # to :: Rep OnlineStoreSecurityConfig x -> OnlineStoreSecurityConfig #
Read OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods readsPrec :: Int -> ReadS OnlineStoreSecurityConfig # readList :: ReadS [OnlineStoreSecurityConfig] # readPrec :: ReadPrec OnlineStoreSecurityConfig # readListPrec :: ReadPrec [OnlineStoreSecurityConfig] #
Show OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods showsPrec :: Int -> OnlineStoreSecurityConfig -> ShowS # show :: OnlineStoreSecurityConfig -> String # showList :: [OnlineStoreSecurityConfig] -> ShowS #
NFData OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods rnf :: OnlineStoreSecurityConfig -> () #
Eq OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods (==) :: OnlineStoreSecurityConfig -> OnlineStoreSecurityConfig -> Bool # (/=) :: OnlineStoreSecurityConfig -> OnlineStoreSecurityConfig -> Bool #
Hashable OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig Methods hashWithSalt :: Int -> OnlineStoreSecurityConfig -> Int # hash :: OnlineStoreSecurityConfig -> Int #
type Rep OnlineStoreSecurityConfig Source #
Instance details Defined in Amazonka.SageMaker.Types.OnlineStoreSecurityConfig type Rep OnlineStoreSecurityConfig = D1 ('MetaData "OnlineStoreSecurityConfig" "Amazonka.SageMaker.Types.OnlineStoreSecurityConfig" "amazonka-sagemaker-2.0-9SyrKZ4KqhsL1qX9u3ILA3" 'False) (C1 ('MetaCons "OnlineStoreSecurityConfig'" 'PrefixI 'True) (S1 ('MetaSel ('Just "kmsKeyId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))))

newOnlineStoreSecurityConfig :: OnlineStoreSecurityConfig Source #

Create a value of OnlineStoreSecurityConfig with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:kmsKeyId:OnlineStoreSecurityConfig', onlineStoreSecurityConfig_kmsKeyId - The ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.

The caller (either IAM user or IAM role) of CreateFeatureGroup must have below permissions to the OnlineStore KmsKeyId:

```
"kms:Encrypt"
```
```
"kms:Decrypt"
```
```
"kms:DescribeKey"
```
```
"kms:CreateGrant"
```
```
"kms:RetireGrant"
```
```
"kms:ReEncryptFrom"
```
```
"kms:ReEncryptTo"
```
```
"kms:GenerateDataKey"
```
```
"kms:ListAliases"
```
```
"kms:ListGrants"
```
```
"kms:RevokeGrant"
```

The caller (either IAM user or IAM role) to all DataPlane operations (PutRecord, GetRecord, DeleteRecord) must have the following permissions to the KmsKeyId:

```
"kms:Decrypt"
```

onlineStoreSecurityConfig_kmsKeyId :: Lens' OnlineStoreSecurityConfig (Maybe Text) Source #

The ID of the Amazon Web Services Key Management Service (Amazon Web Services KMS) key that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption.

The caller (either IAM user or IAM role) of CreateFeatureGroup must have below permissions to the OnlineStore KmsKeyId:

```
"kms:Encrypt"
```
```
"kms:Decrypt"
```
```
"kms:DescribeKey"
```
```
"kms:CreateGrant"
```
```
"kms:RetireGrant"
```
```
"kms:ReEncryptFrom"
```
```
"kms:ReEncryptTo"
```
```
"kms:GenerateDataKey"
```
```
"kms:ListAliases"
```
```
"kms:ListGrants"
```
```
"kms:RevokeGrant"
```

The caller (either IAM user or IAM role) to all DataPlane operations (PutRecord, GetRecord, DeleteRecord) must have the following permissions to the KmsKeyId:

```
"kms:Decrypt"
```