class Aws::S3::Types::ServerSideEncryptionRule

Specifies the default server-side encryption configuration.

@note When making an API call, you may pass ServerSideEncryptionRule

data as a hash:

    {
      apply_server_side_encryption_by_default: {
        sse_algorithm: "AES256", # required, accepts AES256, aws:kms
        kms_master_key_id: "SSEKMSKeyId",
      },
      bucket_key_enabled: false,
    }

@!attribute [rw] apply_server_side_encryption_by_default

Specifies the default server-side encryption to apply to new objects
in the bucket. If a PUT Object request doesn't specify any
server-side encryption, this default encryption will be applied.
@return [Types::ServerSideEncryptionByDefault]

@!attribute [rw] bucket_key_enabled

Specifies whether Amazon S3 should use an S3 Bucket Key with
server-side encryption using KMS (SSE-KMS) for new objects in the
bucket. Existing objects are not affected. Setting the
`BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3
Bucket Key. By default, S3 Bucket Key is not enabled.

For more information, see [Amazon S3 Bucket Keys][1] in the *Amazon
S3 User Guide*.

[1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html
@return [Boolean]

@see docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ServerSideEncryptionRule AWS API Documentation

Constants

SENSITIVE