Class: Aws::S3::Types::ServerSideEncryptionRule

Inherits:
Struct
  • Object
show all
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-s3/types.rb

Overview

Specifies the default server-side encryption configuration.

<note markdown=“1”> If you’re specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that’s encrypted with a KMS key that belongs to the requester, and not the bucket owner.

</note>

See Also:

Constant Summary collapse

SENSITIVE = 
[]

Instance Attribute Summary collapse

Instance Attribute Details

#apply_server_side_encryption_by_defaultTypes::ServerSideEncryptionByDefault

Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn’t specify any server-side encryption, this default encryption will be applied.

Returns:



16020
16021
16022
16023
16024
16025
 
# File 'lib/aws-sdk-s3/types.rb', line 16020

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end

#bucket_key_enabledBoolean

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.

For more information, see [Amazon S3 Bucket Keys] in the *Amazon S3 User Guide*.

[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html

Returns:

  • (Boolean) 


16020
16021
16022
16023
16024
16025
 
# File 'lib/aws-sdk-s3/types.rb', line 16020

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end