Package software.amazon.awscdk.services.s3

Interface CfnBucket.ServerSideEncryptionByDefaultProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnBucket.ServerSideEncryptionByDefaultProperty.Jsii$Proxy

Enclosing class:

CfnBucket

@Stability(Stable)
public static interface CfnBucket.ServerSideEncryptionByDefaultProperty
extends software.amazon.jsii.JsiiSerializable

Describes the default server-side encryption to apply to new objects in the bucket.

If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption in the Amazon S3 API Reference .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.s3.*;
 ServerSideEncryptionByDefaultProperty serverSideEncryptionByDefaultProperty = ServerSideEncryptionByDefaultProperty.builder()
         .sseAlgorithm("sseAlgorithm")
         // the properties below are optional
         .kmsMasterKeyId("kmsMasterKeyId")
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnBucket.ServerSideEncryptionByDefaultProperty.Builder	A builder for CfnBucket.ServerSideEncryptionByDefaultProperty
static final class	CfnBucket.ServerSideEncryptionByDefaultProperty.Jsii$Proxy	An implementation for CfnBucket.ServerSideEncryptionByDefaultProperty

Method Summary

Modifier and Type	Method	Description
static CfnBucket.ServerSideEncryptionByDefaultProperty.Builder	builder()
default String	getKmsMasterKeyId()	KMS key ID to use for the default encryption.
String	getSseAlgorithm()	Server-side encryption algorithm to use for the default encryption.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getSseAlgorithm

@Stability(Stable)
@NotNull
String getSseAlgorithm()

Server-side encryption algorithm to use for the default encryption.

getKmsMasterKeyId

@Stability(Stable)
@Nullable
default String getKmsMasterKeyId()

KMS key ID to use for the default encryption. This parameter is allowed if SSEAlgorithm is aws:kms.

You can specify the key ID or the Amazon Resource Name (ARN) of the CMK. However, if you are using encryption with cross-account operations, you must use a fully qualified CMK ARN. For more information, see Using encryption for cross-account operations .

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Amazon S3 only supports symmetric KMS keys and not asymmetric KMS keys. For more information, see Using Symmetric and Asymmetric Keys in the AWS Key Management Service Developer Guide .

builder

@Stability(Stable)
static CfnBucket.ServerSideEncryptionByDefaultProperty.Builder builder()

Returns:

a CfnBucket.ServerSideEncryptionByDefaultProperty.Builder of CfnBucket.ServerSideEncryptionByDefaultProperty