Class: Aws::S3::Types::EncryptionConfiguration
- Inherits:
-
Struct
- Object
- Struct
- Aws::S3::Types::EncryptionConfiguration
- Includes:
- Aws::Structure
- Defined in:
- lib/aws-sdk-s3/types.rb
Overview
Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects.
<note markdown=“1”> If you’re specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that’s encrypted with a KMS key that belongs to the requester, and not the bucket owner.
</note>
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#replica_kms_key_id ⇒ String
Specifies the ID (Key ARN or Alias ARN) of the customer managed Amazon Web Services KMS key stored in Amazon Web Services Key Management Service (KMS) for the destination bucket.
Instance Attribute Details
#replica_kms_key_id ⇒ String
Specifies the ID (Key ARN or Alias ARN) of the customer managed Amazon Web Services KMS key stored in Amazon Web Services Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in Amazon Web Services KMS] in the *Amazon Web Services Key Management Service Developer Guide*.
[1]: docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
4849 4850 4851 4852 4853 |
# File 'lib/aws-sdk-s3/types.rb', line 4849 class EncryptionConfiguration < Struct.new( :replica_kms_key_id) SENSITIVE = [] include Aws::Structure end |