Use Amazon S3 client-side encryption - Amazon SDK for Java 1.x
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

The Amazon SDK for Java 1.x has entered maintenance mode as of July 31, 2024, and will reach end-of-support on December 31, 2025. We recommend that you migrate to the Amazon SDK for Java 2.x to continue receiving new features, availability improvements, and security updates.

Use Amazon S3 client-side encryption

Encrypting data using the Amazon S3 encryption client is one way you can provide an additional layer of protection for sensitive information you store in Amazon S3. The examples in this section demonstrate how to create and configure the Amazon S3 encryption client for your application.

If you are new to cryptography, see the Cryptography Basics in the Amazon KMS Developer Guide for a basic overview of cryptography terms and algorithms. For information about cryptography support across all Amazon SDKs, see Amazon SDK Support for Amazon S3 Client-Side Encryption in the Amazon Web Services General Reference.

Note

These code examples assume that you understand the material in Using the Amazon SDK for Java and have configured default Amazon credentials using the information in Set up Amazon Credentials and Region for Development.

If you are using version 1.11.836 or earlier of the Amazon SDK for Java, see Amazon S3 Encryption Client Migration for information on migrating your applications to later versions. If you cannot migrate, see this complete example on GitHub.

Otherwise, if you are using version 1.11.837 or later of the Amazon SDK for Java, explore the example topics listed below to use Amazon S3 client-side encryption.

Topics