class Aws::S3::Types::ServerSideEncryptionRule
Specifies the default server-side encryption configuration.
@note When making an API call, you may pass ServerSideEncryptionRule
data as a hash: { apply_server_side_encryption_by_default: { sse_algorithm: "AES256", # required, accepts AES256, aws:kms kms_master_key_id: "SSEKMSKeyId", }, bucket_key_enabled: false, }
@!attribute [rw] apply_server_side_encryption_by_default
Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. @return [Types::ServerSideEncryptionByDefault]
@!attribute [rw] bucket_key_enabled
Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the `BucketKeyEnabled` element to `true` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. For more information, see [Amazon S3 Bucket Keys][1] in the *Amazon S3 User Guide*. [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html @return [Boolean]
@see docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ServerSideEncryptionRule AWS API Documentation
Constants
- SENSITIVE