Class: Aws::S3::Types::ServerSideEncryptionRule

Inherits:

Struct

Object
Struct
Aws::S3::Types::ServerSideEncryptionRule

show all

Includes:: Aws::Structure

Defined in:: lib/aws-sdk-s3/types.rb

Overview

Note:

When making an API call, you may pass ServerSideEncryptionRule data as a hash:

{
  apply_server_side_encryption_by_default: {
    sse_algorithm: "AES256", # required, accepts AES256, aws:kms
    kms_master_key_id: "SSEKMSKeyId",
  },
  bucket_key_enabled: false,
}

Specifies the default server-side encryption configuration.

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#apply_server_side_encryption_by_default ⇒ Types::ServerSideEncryptionByDefault

Specifies the default server-side encryption to apply to new objects in the bucket.
#bucket_key_enabled ⇒ Boolean

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.

Instance Attribute Details

#apply_server_side_encryption_by_default ⇒ `Types::ServerSideEncryptionByDefault`

Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn’t specify any server-side encryption, this default encryption will be applied.

Returns:

(Types::ServerSideEncryptionByDefault)

# File 'lib/aws-sdk-s3/types.rb', line 14358

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end

#bucket_key_enabled ⇒ `Boolean`

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.

For more information, see [Amazon S3 Bucket Keys] in the *Amazon S3 User Guide*.

[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html