Difference between revisions of "AWS S3 encryption"
Jump to navigation
Jump to search
| (5 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
*At [[rest]]: | *At [[rest]]: | ||
** [[Server Side Encryption]] (SSE): | ** [[Server Side Encryption]] (SSE): | ||
| − | **S3 Managed Keys (SSE-S3; 256bit); | + | ** [[S3 Managed Keys]] (SSE-S3; 256bit); |
| − | **[[AWS Key Management Service]], Managed Keys (SSE-KMS) | + | ** [[AWS Key Management Service]], Managed Keys (SSE-KMS) |
| − | **Server Side Encryption with Customer Provided Keys (SSE-C) | + | ** Server Side Encryption with Customer Provided Keys (SSE-C) |
| − | * Client Side Encryption | + | * [[Client Side Encryption]]: user encrypts data and use AWS S3 to store it |
| − | |||
== Related == | == Related == | ||
| − | * [[aws s3api get-bucket-encryption]] | + | * <code>[[aws s3api get-bucket-encryption]]</code> command |
| − | + | * [[Terraform S3 resources]]: <code>[[aws_s3_bucket_server_side_encryption_configuration]]</code> | |
== See also == | == See also == | ||
Revision as of 04:02, 23 May 2024
Encryption (2017) is supported in AWS S3 (default Advanced Encryption Standard (AES) 256bit)
- In transit (SSL/TLS)
- At rest:
- Server Side Encryption (SSE):
- S3 Managed Keys (SSE-S3; 256bit);
- AWS Key Management Service, Managed Keys (SSE-KMS)
- Server Side Encryption with Customer Provided Keys (SSE-C)
- Client Side Encryption: user encrypts data and use AWS S3 to store it
Related
aws s3api get-bucket-encryptioncommand- Terraform S3 resources:
aws_s3_bucket_server_side_encryption_configuration
See also
- AWS S3,
aws s3, aws s3api, aws s3control, s3:, Amazon S3 Storage Lens, AWS S3 replication, CRR, SSR, CAR, S3 Replication Time Control (S3 RTC), Website endpoint, Amazon Macie, Versioning, Lifecycle, Encryption, logging, Amazon S3 Inventory, Amazon S3 Batch Operations, Storage Classes, Amazon S3 clients, Terraform S3, AWS canned ACLs, Directory buckets, security,PutObject
Advertising:
