Class: Aws::S3::Types::ServerSideEncryptionByDefault

Inherits:

Struct

• Object
• Struct
• Aws::S3::Types::ServerSideEncryptionByDefault

Defined in:

gems/aws-sdk-s3/lib/aws-sdk-s3/types.rb

Overview

Note:

When making an API call, you may pass ServerSideEncryptionByDefault data as a hash:

{
  sse_algorithm: "AES256", # required, accepts AES256, aws:kms
  kms_master_key_id: "SSEKMSKeyId",
}

Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see PUT Bucket encryption in the Amazon Simple Storage Service API Reference.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[:kms_master_key_id]

Instance Attribute Summary

• #kms_master_key_id ⇒ String

  AWS Key Management Service (KMS) customer master key ID to use for the default encryption.

• #sse_algorithm ⇒ String

  Server-side encryption algorithm to use for the default encryption.

Instance Attribute Details

#kms_master_key_id ⇒ String

AWS Key Management Service (KMS) customer master key ID to use for the default encryption. This parameter is allowed if and only if SSEAlgorithm is set to aws:kms.

You can specify the key ID or the Amazon Resource Name (ARN) of the CMK. However, if you are using encryption with cross-account operations, you must use a fully qualified CMK ARN. For more information, see Using encryption for cross-account operations.

For example:

• Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab

• Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab

Amazon S3 only supports symmetric CMKs and not asymmetric CMKs. For more information, see Using Symmetric and Asymmetric Keys in the AWS Key Management Service Developer Guide.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/types.rb', line 12957

class ServerSideEncryptionByDefault < Struct.new(
  :sse_algorithm,
  :kms_master_key_id)
  SENSITIVE = [:kms_master_key_id]
  include Aws::Structure
end

#sse_algorithm ⇒ String

Server-side encryption algorithm to use for the default encryption.

Returns:

• (String)

# File 'gems/aws-sdk-s3/lib/aws-sdk-s3/types.rb', line 12957

class ServerSideEncryptionByDefault < Struct.new(
  :sse_algorithm,
  :kms_master_key_id)
  SENSITIVE = [:kms_master_key_id]
  include Aws::Structure
end