AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Container for the parameters to the PutBucketEncryption operation.
This operation is not supported by directory buckets.
This action uses the encryption
subresource to configure default encryption
and Amazon S3 Bucket Keys for an existing bucket.
By default, all buckets have a default encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption for a bucket by using server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default encryption by using SSE-KMS, you can also configure Amazon S3 Bucket Keys. If you use PutBucketEncryption to set your default bucket encryption to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does not validate the KMS key ID provided in PutBucketEncryption requests.
This action requires Amazon Web Services Signature Version 4. For more information, see Authenticating Requests (Amazon Web Services Signature Version 4).
To use this operation, you must have permission to perform the s3:PutEncryptionConfiguration
action. The bucket owner has this permission by default. The bucket owner can grant
this permission to others. For more information about permissions, see Permissions
Related to Bucket Subresource Operations and Managing
Access Permissions to Your Amazon S3 Resources in the Amazon S3 User Guide.
The following operations are related to PutBucketEncryption
:
Namespace: Amazon.S3.Model
Assembly: AWSSDK.S3.dll
Version: 3.x.y.z
public class PutBucketEncryptionRequest : AmazonWebServiceRequest IAmazonWebServiceRequest
The PutBucketEncryptionRequest type exposes the following members
Name | Description | |
---|---|---|
![]() |
PutBucketEncryptionRequest() |
Name | Type | Description | |
---|---|---|---|
![]() |
BucketName | System.String |
Gets and sets the property BucketName. Specifies default encryption for a bucket using server-side encryption with different key options. Directory buckets - When you use this operation with a directory bucket, you must use path-style requests
in the format |
![]() |
ChecksumAlgorithm | Amazon.S3.ChecksumAlgorithm |
Gets and sets the property ChecksumAlgorithm.
Indicates the algorithm used to create the checksum for the object when you use the
SDK. This header will not provide any additional functionality if you don't use the
SDK. When you send this header, there must be a corresponding
If you provide an individual checksum, Amazon S3 ignores any provided
For directory buckets, when you use Amazon Web Services SDKs, |
![]() |
ContentMD5 | System.String |
Gets and sets the property ContentMD5.
The Base64 encoded 128-bit For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically. This functionality is not supported for directory buckets. |
![]() |
ExpectedBucketOwner | System.String |
Gets and sets the property ExpectedBucketOwner.
The account ID of the expected bucket owner. If the account ID that you provide does
not match the actual owner of the bucket, the request fails with the HTTP status code
For directory buckets, this header is not supported in this API operation.
If you specify this header, the request fails with the HTTP status code |
![]() |
ServerSideEncryptionConfiguration | Amazon.S3.Model.ServerSideEncryptionConfiguration |
Container for server-side encryption configuration rules. Currently S3 supports one rule only. |
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5 and newer, 3.5