BlockedEncryptionTypes
A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block PutObject, CopyObject, PostObject, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see Blocking an encryption type for a general purpose bucket.
This data type is used with the following actions:
- Permissions
-
You must have the
s3:PutEncryptionConfigurationpermission to block or unblock an encryption type for a bucket.You must have the
s3:GetEncryptionConfigurationpermission to view a bucket's encryption type.
Contents
- EncryptionType
-
The object encryption type that you want to block or unblock for an Amazon S3 general purpose bucket.
Note
Currently, this parameter only supports blocking or unblocking server side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see Using server-side encryption with customer-provided keys (SSE-C).
Type: Array of strings
Valid Values:
NONE | SSE-CRequired: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: