Class: Aws::S3::Types::ServerSideEncryptionRule

Inherits:

Struct

Object
Struct
Aws::S3::Types::ServerSideEncryptionRule

show all

Includes:: Aws::Structure

Defined in:: lib/aws-sdk-s3/types.rb

Overview

Note:

When making an API call, you may pass ServerSideEncryptionRule data as a hash:

{
  apply_server_side_encryption_by_default: {
    sse_algorithm: "AES256", # required, accepts AES256, aws:kms
    kms_master_key_id: "SSEKMSKeyId",
  },
  bucket_key_enabled: false,
}

Specifies the default server-side encryption configuration.

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#apply_server_side_encryption_by_default ⇒ Types::ServerSideEncryptionByDefault

Specifies the default server-side encryption to apply to new objects in the bucket.
#bucket_key_enabled ⇒ Boolean

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket.

Instance Attribute Details

#apply_server_side_encryption_by_default ⇒ `Types::ServerSideEncryptionByDefault`

Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn’t specify any server-side encryption, this default encryption will be applied.

Returns:

(Types::ServerSideEncryptionByDefault)

# File 'lib/aws-sdk-s3/types.rb', line 16040

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end

#bucket_key_enabled ⇒ `Boolean`

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ‘BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.

For more information, see [Amazon S3 Bucket Keys] in the *Amazon S3 User Guide*.

[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html