Key Management

Server-side encryption addresses data encryption at rest—that is, Amazon S3 Glacier encrypts your data as it writes it to its data centers and decrypts it for you when you access it. As long as you authenticate your request and you have access permissions, there is no difference in the way you access encrypted or unencrypted data.

Data at rest stored in S3 Glacier is automatically server-side encrypted using AES-256, using keys maintained by Amazon. As an additional safeguard, Amazon encrypts the key itself with a master key that we regularly rotate.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Data Encryption

Internetwork Traffic Privacy