- Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/.
- In the Bucket name list, choose the name of the bucket that you want.
- Choose Properties.
- Choose Default encryption.
- If you want to use keys that are managed by Amazon S3 for default encryption, choose AES-256, and choose Save.
- If you want to use CMKs that are stored in AWS KMS for default encryption, follow these steps:
a Choose AWS-KMS.
b. To choose a customer-managed AWS KMS CMK that you have created, use one of these methods: In the list that appears, choose the AWS KMS CMK. In the list that appears, choose Custom KMS ARN, and then enter the Amazon Resource Name of the AWS KMS CMK.
- Choose Save.
Ensure S3 buckets have default encryption (SSE) enabled or use a bucket policy to enforce it Print
Created by: Ravi Polumuru
Modified on: Fri, 24 Apr, 2020 at 6:50 PM
Did you find it helpful?Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.