You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::MediaConvert::Types::S3EncryptionSettings

Inherits:

Struct

Object
Struct
Aws::MediaConvert::Types::S3EncryptionSettings

show all

Defined in:: (unknown)

Overview

Note:

When passing S3EncryptionSettings as input to an Aws::Client method, you can use a vanilla Hash:

{
  encryption_type: "SERVER_SIDE_ENCRYPTION_S3", # accepts SERVER_SIDE_ENCRYPTION_S3, SERVER_SIDE_ENCRYPTION_KMS
  kms_key_arn: "__stringPatternArnAwsUsGovCnKmsAZ26EastWestCentralNorthSouthEastWest1912D12KeyAFAF098AFAF094AFAF094AFAF094AFAF0912",
}

Settings for how your job outputs are encrypted as they are uploaded to Amazon S3.

Returned by:

Aws::MediaConvert::Types::S3DestinationSettings#encryption

Instance Attribute Summary collapse

#encryption_type ⇒ String
Specify how you want your data keys managed.
#kms_key_arn ⇒ String
Optionally, specify the customer master key (CMK) that you want to use to encrypt the data key that AWS uses to encrypt your output content.

Instance Attribute Details

#encryption_type ⇒ `String`

Specify how you want your data keys managed. AWS uses data keys to encrypt your content. AWS also encrypts the data keys themselves, using a customer master key (CMK), and then stores the encrypted data keys alongside your encrypted content. Use this setting to specify which AWS service manages the CMK. For simplest set up, choose Amazon S3 (SERVER_SIDE_ENCRYPTION_S3). If you want your master key to be managed by AWS Key Management Service (KMS), choose AWS KMS (SERVER_SIDE_ENCRYPTION_KMS). By default, when you choose AWS KMS, KMS uses the AWS managed customer master key (CMK) associated with Amazon S3 to encrypt your data keys. You can optionally choose to specify a different, customer managed CMK. Do so by specifying the Amazon Resource Name (ARN) of the key for the setting KMS ARN (kmsKeyArn).

Possible values:

SERVER_SIDE_ENCRYPTION_S3
SERVER_SIDE_ENCRYPTION_KMS

Returns:

(String) —
Specify how you want your data keys managed.

#kms_key_arn ⇒ `String`

Optionally, specify the customer master key (CMK) that you want to use to encrypt the data key that AWS uses to encrypt your output content. Enter the Amazon Resource Name (ARN) of the CMK. To use this setting, you must also set Server-side encryption (S3ServerSideEncryptionType) to AWS KMS (SERVER_SIDE_ENCRYPTION_KMS). If you set Server-side encryption to AWS KMS but don\'t specify a CMK here, AWS uses the AWS managed CMK associated with Amazon S3.