enum BucketEncryption
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.S3.BucketEncryption |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awss3#BucketEncryption |
 Java | software.amazon.awscdk.services.s3.BucketEncryption |
 Python | aws_cdk.aws_s3.BucketEncryption |
 TypeScript (source) | aws-cdk-lib » aws_s3 » BucketEncryption |
What kind of server-side encryption to apply to this bucket.
Example
declare const application: appconfig.Application;
const bucket = new s3.Bucket(this, 'MyBucket', {
versioned: true,
encryption: s3.BucketEncryption.KMS,
});
new appconfig.SourcedConfiguration(this, 'MySourcedConfiguration', {
application,
location: appconfig.ConfigurationSource.fromBucket(bucket, 'path/to/file.json'),
});
Members
| Name | Description |
|---|---|
| UNENCRYPTED | Previous option. |
| KMS_MANAGED | Server-side KMS encryption with a master key managed by KMS. |
| S3_MANAGED | Server-side encryption with a master key managed by S3. |
| KMS | Server-side encryption with a KMS key managed by the user. |
| DSSE_MANAGED | Double server-side KMS encryption with a master key managed by KMS. |
| DSSE | Double server-side encryption with a KMS key managed by the user. |
UNENCRYPTED
Previous option.
Buckets can not be unencrypted now.
See also: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html
KMS_MANAGED
Server-side KMS encryption with a master key managed by KMS.
S3_MANAGED
Server-side encryption with a master key managed by S3.
KMS
Server-side encryption with a KMS key managed by the user.
If encryptionKey is specified, this key will be used, otherwise, one will be defined.
DSSE_MANAGED
Double server-side KMS encryption with a master key managed by KMS.
DSSE
Double server-side encryption with a KMS key managed by the user.
If encryptionKey is specified, this key will be used, otherwise, one will be defined.