Interface CfnBucket.IServerSideEncryptionByDefaultProperty
Describes the default server-side encryption to apply to new objects in the bucket.
Namespace: Amazon.CDK.AWS.S3
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IServerSideEncryptionByDefaultProperty
Syntax (vb)
Public Interface IServerSideEncryptionByDefaultProperty
Remarks
If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see PutBucketEncryption .
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.S3;
var serverSideEncryptionByDefaultProperty = new ServerSideEncryptionByDefaultProperty {
SseAlgorithm = "sseAlgorithm",
// the properties below are optional
KmsMasterKeyId = "kmsMasterKeyId"
};
Synopsis
Properties
KmsMasterKeyId | AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. |
SseAlgorithm | Server-side encryption algorithm to use for the default encryption. |
Properties
KmsMasterKeyId
AWS Key Management Service (KMS) customer managed key ID to use for the default encryption.
virtual string KmsMasterKeyId { get; }
Property Value
System.String
Remarks
You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key.
If you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see Using encryption for cross-account operations .
SseAlgorithm
Server-side encryption algorithm to use for the default encryption.
string SseAlgorithm { get; }
Property Value
System.String
Remarks
For directory buckets, there are only two supported values for server-side encryption: AES256
and aws:kms
.