AWS::S3::Bucket BucketEncryption
Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), Amazon KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Encryption for S3 Buckets in the Amazon S3 User Guide.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "ServerSideEncryptionConfiguration" :
[ ServerSideEncryptionRule, ... ]
}
Properties
ServerSideEncryptionConfiguration
-
Specifies the default server-side-encryption configuration.
Required: Yes
Type: Array of ServerSideEncryptionRule
Update requires: No interruption
See also
-
AWS::S3::Bucket Examples