AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Container for the parameters to the PutBucketEncryption operation.
This operation is not supported by directory buckets.
This action uses the encryption
subresource to configure default encryption
and Amazon S3 Bucket Keys for an existing bucket.
By default, all buckets have a default encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption for a bucket by using server-side encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer server-side encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default encryption by using SSE-KMS, you can also configure Amazon S3 Bucket Keys. If you use PutBucketEncryption to set your default bucket encryption to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 does not validate the KMS key ID provided in PutBucketEncryption requests.
This action requires Amazon Web Services Signature Version 4. For more information, see Authenticating Requests (Amazon Web Services Signature Version 4).
To use this operation, you must have permission to perform the s3:PutEncryptionConfiguration
action. The bucket owner has this permission by default. The bucket owner can grant
this permission to others. For more information about permissions, see Permissions
Related to Bucket Subresource Operations and Managing
Access Permissions to Your Amazon S3 Resources in the Amazon S3 User Guide.
The following operations are related to PutBucketEncryption
:
Namespace: Amazon.S3.Model
Assembly: AWSSDK.S3.dll
Version: 3.x.y.z
public class PutBucketEncryptionRequest : AmazonWebServiceRequest IAmazonWebServiceRequest
The PutBucketEncryptionRequest type exposes the following members
Name | Description | |
---|---|---|
PutBucketEncryptionRequest() |
Name | Type | Description | |
---|---|---|---|
BucketName | System.String |
Gets and sets the property BucketName. Specifies default encryption for a bucket using server-side encryption with different key options. By default, all buckets have a default encryption configuration that uses server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally configure default encryption for a bucket by using server-side encryption with an Amazon Web Services KMS key (SSE-KMS) or a customer-provided key (SSE-C). For information about the bucket default encryption feature, see Amazon S3 Bucket Default Encryption in the Amazon S3 User Guide. |
|
ChecksumAlgorithm | Amazon.S3.ChecksumAlgorithm |
Gets and sets the property ChecksumAlgorithm.
Indicates the algorithm used to create the checksum for the object when you use the
SDK. This header will not provide any additional functionality if you don't use the
SDK. When you send this header, there must be a corresponding
If you provide an individual checksum, Amazon S3 ignores any provided |
|
ContentMD5 | System.String |
Gets and sets the property ContentMD5. The base64-encoded 128-bit MD5 digest of the server-side encryption configuration. For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically. |
|
ExpectedBucketOwner | System.String |
Gets and sets the property ExpectedBucketOwner.
The account ID of the expected bucket owner. If the account ID that you provide does
not match the actual owner of the bucket, the request fails with the HTTP status code
|
|
ServerSideEncryptionConfiguration | Amazon.S3.Model.ServerSideEncryptionConfiguration |
Container for server-side encryption configuration rules. Currently S3 supports one rule only. |
.NET Core App:
Supported in: 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.5, 4.0, 3.5