class Aws::S3::Types::ServerSideEncryptionByDefault

@see docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ServerSideEncryptionByDefault AWS API Documentation
@return [String]<br>: docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html<br>[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy<br><br><br><br>the *Amazon Web Services Key Management Service Developer Guide*.
information, see [Asymmetric keys in Amazon Web Services KMS] in
Amazon S3 only supports symmetric encryption KMS keys. For more
`arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
* Key ARN:
* Key ID: ‘1234abcd-12ab-34cd-56ef-1234567890ab`
**For example:**
for cross-account operations].
qualified KMS key ARN. For more information, see [Using encryption
Amazon Web Services service operations you must use a fully
KMS key. However, if you are using encryption with cross-account or
You can specify the key ID or the Amazon Resource Name (ARN) of the
`aws:kms`.
parameter is allowed if and only if `SSEAlgorithm` is set to
Services KMS key ID to use for the default encryption. This
Amazon Web Services Key Management Service (KMS) customer Amazon Web
@!attribute [rw] kms_master_key_id
@return [String]
Server-side encryption algorithm to use for the default encryption.
@!attribute [rw] sse_algorithm<br><br>: docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html<br><br><br><br>*Amazon S3 API Reference*.
SSE-KMS. For more information, see [PUT Bucket encryption] in the
with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for
Web Services account the first time that you add an object encrypted
automatically creates an Amazon Web Services KMS key in your Amazon
you don’t specify a customer managed key at configuration, Amazon S3
server-side encryption, this default encryption will be applied. If
in the bucket. If a PUT Object request doesn’t specify any
Describes the default server-side encryption to apply to new objects