Certified Security - Specialty
  1. Rooms
  2. Certified Security - Specialty

Sign Up Free or Log In to participate!

Why does the Kinesis Firehose iam policy need KMS: Decrypt?

Hello all.

I was looking at the roles and policies created by AWS automatically for you for Kinesis Firehose and I saw it includes KMS: Decrypt. Firehose is used to ingest large amounts of data in S3. The data is not necessary encrypted from the producer so why is it necessary? Thank you!

1 Answers

Did you enable server-side data encryption? That might be the reason for seeing that.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Don't have an account?

Get Started
Who’s going to be learning?
MyselfMy Organization