Description of changes:
This code change adds a new parameter AutomaticBackupReplicationKmsKeyId to the CloudFormation DBInstance template with supporting logic to provide this parameter when enabling AutomatedBackupsReplication. When customers with DBInstances that have enabled StorageEncryption wishes to start AutomatedBackupsReplication in a region, they must provide a valid KMS Key in the replication region. Currently there is no way customers can provide this KMS Key via CloudFormation.
Known limitations of the AutomatedBackupsReplication:
When customers have retained backups in a region they must provide the same KMS key used to encrypt those backups.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Issue #, if available:
Description of changes: This code change adds a new parameter
AutomaticBackupReplicationKmsKeyIdto the CloudFormation DBInstance template with supporting logic to provide this parameter when enablingAutomatedBackupsReplication. When customers with DBInstances that have enabledStorageEncryptionwishes to startAutomatedBackupsReplicationin a region, they must provide a valid KMS Key in the replication region. Currently there is no way customers can provide this KMS Key via CloudFormation.Known limitations of the AutomatedBackupsReplication:
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.