1 Antwort
- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
0
Hi,
In general, customer (security team, engineer team) should choose which encryption method to use according to their requests. AWS provides multiple exclusive options, and recommend to ensure your service encrypt at rest, encrypt at transit.
For S3, by default, the encryption is disabled. You can enable it by choosing either Amazon S3-Managed Keys (SSE-S3) or AWS Key Management Service (SSE-KMS). In summary, the former option use the key managed by AWS, which reduce the overhead to configure KMS key. The latter you have the flexibility to create and manage your KMS key.
More details: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html https://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html
Thanks,
beantwortet vor einem Jahr
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- Welche bewährten Methoden für die Sicherung meines auf Lightsail ausgeführten Linux-Servers gibt es?AWS OFFICIALAktualisiert vor 3 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren
- AWS OFFICIALAktualisiert vor 2 Jahren