Interface CfnBucket.IServerSideEncryptionByDefaultProperty
Describes the default server-side encryption to apply to new objects in the bucket.
Namespace: Amazon.CDK.AWS.S3
Assembly: Amazon.CDK.AWS.S3.dll
Syntax (csharp)
public interface IServerSideEncryptionByDefaultProperty
Syntax (vb)
Public Interface IServerSideEncryptionByDefaultProperty
Remarks
If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption in the Amazon S3 API Reference .
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.S3;
var serverSideEncryptionByDefaultProperty = new ServerSideEncryptionByDefaultProperty {
SseAlgorithm = "sseAlgorithm",
// the properties below are optional
KmsMasterKeyId = "kmsMasterKeyId"
};
Synopsis
Properties
KmsMasterKeyId | KMS key ID to use for the default encryption. This parameter is allowed if SSEAlgorithm is aws:kms. |
SseAlgorithm | Server-side encryption algorithm to use for the default encryption. |
Properties
KmsMasterKeyId
KMS key ID to use for the default encryption. This parameter is allowed if SSEAlgorithm is aws:kms.
virtual string KmsMasterKeyId { get; }
Property Value
System.String
Remarks
You can specify the key ID or the Amazon Resource Name (ARN) of the CMK. However, if you are using encryption with cross-account operations, you must use a fully qualified CMK ARN. For more information, see Using encryption for cross-account operations .
For example:
Amazon S3 only supports symmetric KMS keys and not asymmetric KMS keys. For more information, see <a href="https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric Keys</a> in the <em>AWS Key Management Service Developer Guide</em> .
SseAlgorithm
Server-side encryption algorithm to use for the default encryption.
string SseAlgorithm { get; }
Property Value
System.String