This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::EC2::VerifiedAccessTrustProvider SseSpecification AWS Verified Access provides server side encryption by default to data at rest using AWS-owned KMS keys. You also have the option of using customer managed KMS keys, which can be specified using the options below. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[CustomerManagedKeyEnabled](#cfn-ec2-verifiedaccesstrustprovider-ssespecification-customermanagedkeyenabled)" : {{Boolean}}, "[KmsKeyArn](#cfn-ec2-verifiedaccesstrustprovider-ssespecification-kmskeyarn)" : {{String}} } ``` ### YAML ``` [CustomerManagedKeyEnabled](#cfn-ec2-verifiedaccesstrustprovider-ssespecification-customermanagedkeyenabled): {{Boolean}} [KmsKeyArn](#cfn-ec2-verifiedaccesstrustprovider-ssespecification-kmskeyarn): {{String}} ``` ## Properties `CustomerManagedKeyEnabled` Enable or disable the use of customer managed KMS keys for server side encryption. Valid values: `True` \| `False` *Required*: No *Type*: Boolean *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `KmsKeyArn` The ARN of the KMS key. *Required*: No *Type*: String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)