class Aws::S3::Types::ServerSideEncryptionByDefault


@see docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ServerSideEncryptionByDefault AWS API Documentation
@return [String]<br>: docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html<br>[1]: docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy<br><br><br><br>the *Amazon Web Services Key Management Service Developer Guide*.
information, see [Asymmetric keys in Amazon Web Services KMS] in
Amazon S3 only supports symmetric encryption KMS keys. For more<br><br>operations].
ARN. For more information, see [Using encryption for cross-account
Services service operations you must use a fully qualified KMS key
If you are using encryption with cross-account or Amazon Web
error when creating a VPC flow log.
If you use a key ID, you can run into a LogDestination undeliverable
* Key Alias: ‘alias/alias-name`
`arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
* Key ARN:
* Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
(ARN) of the KMS key.
You can specify the key ID, key alias, or the Amazon Resource Name
`aws:kms`.
parameter is allowed if and only if `SSEAlgorithm` is set to
Services KMS key ID to use for the default encryption. This
Amazon Web Services Key Management Service (KMS) customer Amazon Web
@!attribute [rw] kms_master_key_id
@return [String]
Server-side encryption algorithm to use for the default encryption.
@!attribute [rw] sse_algorithm<br><br>: docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html<br><br><br><br>*Amazon S3 API Reference*.
SSE-KMS. For more information, see [PUT Bucket encryption] in the
with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for
Web Services account the first time that you add an object encrypted
automatically creates an Amazon Web Services KMS key in your Amazon
you don’t specify a customer managed key at configuration, Amazon S3
server-side encryption, this default encryption will be applied. If
in the bucket. If a PUT Object request doesn’t specify any
Describes the default server-side encryption to apply to new objects