Class: Aws::S3::Types::ServerSideEncryptionRule

Inherits:
Struct
  • Object
show all
Includes:
Aws::Structure
Defined in:
lib/aws-sdk-s3/types.rb

Overview

Specifies the default server-side encryption configuration.

<note markdown=“1”> If you’re specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that’s encrypted with a KMS key that belongs to the requester, and not the bucket owner.

</note>

See Also:

Constant Summary collapse

SENSITIVE = 
[]

Instance Attribute Summary collapse

Instance Attribute Details

#apply_server_side_encryption_by_defaultTypes::ServerSideEncryptionByDefault

Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn’t specify any server-side encryption, this default encryption will be applied.

Returns:



16020
16021
16022
16023
16024
16025
 
# File 'lib/aws-sdk-s3/types.rb', line 16020

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end

#bucket_key_enabledBoolean

Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ‘BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled.

For more information, see [Amazon S3 Bucket Keys] in the *Amazon S3 User Guide*.

[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html

Returns:

  • (Boolean) 


16020
16021
16022
16023
16024
16025
 
# File 'lib/aws-sdk-s3/types.rb', line 16020

class ServerSideEncryptionRule < Struct.new(
  :apply_server_side_encryption_by_default,
  :bucket_key_enabled)
  SENSITIVE = []
  include Aws::Structure
end