Skip to content

Commit

Permalink
include a note to allow kms key access
Browse files Browse the repository at this point in the history
  • Loading branch information
Aimee Lin authored and Aimee Lin committed May 13, 2022
1 parent aa16206 commit f1afb56
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ parameter_overrides = "VpcId=\"vpc-xxxxxxxx\" SubnetIds=\"subnet-xxxxxxxxxxxxx\"
be replicated when creating the staging RDS.
- The DataMasque EC2 instance **must** allow inbound connections from the **DatamasqueRun** Lambda.
- The DataMasque EC2 instance **must** allow inbound connections from the **SqsConsumer** Lambda.
- Grant permission for the stepfunctions to use the KMS key configured on the source database to encrypt masked snapshots.
- Grant permissions for the stepfunctions and lambda functions to use the KMS key configured on the source database to encrypt masked snapshots if you are not using the default RDS key. Note: this template assumes the source database uses default RDS KMS keyas every organization might have different key configuration standard.

## AWS Step Function execution

Expand Down

0 comments on commit f1afb56

Please sign in to comment.