enum BucketEncryption
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.S3.BucketEncryption |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awss3#BucketEncryption |
![]() | software.amazon.awscdk.services.s3.BucketEncryption |
![]() | aws_cdk.aws_s3.BucketEncryption |
![]() | aws-cdk-lib » aws_s3 » BucketEncryption |
What kind of server-side encryption to apply to this bucket.
Example
declare const application: appconfig.Application;
const bucket = new s3.Bucket(this, 'MyBucket', {
versioned: true,
encryption: s3.BucketEncryption.KMS,
});
new appconfig.SourcedConfiguration(this, 'MySourcedConfiguration', {
application,
location: appconfig.ConfigurationSource.fromBucket(bucket, 'path/to/file.json'),
});
Members
Name | Description |
---|---|
UNENCRYPTED | Previous option. |
KMS_MANAGED | Server-side KMS encryption with a master key managed by KMS. |
S3_MANAGED | Server-side encryption with a master key managed by S3. |
KMS | Server-side encryption with a KMS key managed by the user. |
DSSE_MANAGED | Double server-side KMS encryption with a master key managed by KMS. |
DSSE | Double server-side encryption with a KMS key managed by the user. |
UNENCRYPTED
Previous option.
Buckets can not be unencrypted now.
See also: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html
KMS_MANAGED
Server-side KMS encryption with a master key managed by KMS.
S3_MANAGED
Server-side encryption with a master key managed by S3.
KMS
Server-side encryption with a KMS key managed by the user.
If encryptionKey
is specified, this key will be used, otherwise, one will be defined.
DSSE_MANAGED
Double server-side KMS encryption with a master key managed by KMS.
DSSE
Double server-side encryption with a KMS key managed by the user.
If encryptionKey
is specified, this key will be used, otherwise, one will be defined.