AWS KMS keys for encrypting data before uploading to Amazon S3 Glacier
I'm required to use an AWS KMS key for encrypting data in Amazon S3 Glacier. However, the AWS KMS encryption with customer-owned keys isn't directly supported in S3 Glacier. I want to use client-side encryption of the data (and encrypt the data before uploading it to Amazon S3 Glacier). Can I use the AWS KMS key for client-side encryption (for data outside of AWS)? Or, do I have to use an AWS SDK to encrypt the data with an AWS KMS key?
- Le plus récent
- Le plus de votes
- La plupart des commentaires
You can use the Amazon S3 client-side encryption to encrypt the data before sending it to S3. Amazon S3 client-side encryption supports AWS KMS as the root key provider. However, it's recommended to use the AWS Encryption SDK as it offers more features while supporting AWS KMS.
To enable client-side encryption, you have the following options:
- Use an AWS KMS key stored in AWS Key Management Service (AWS KMS).
- Use a key that you store within your application.
For more information, you can also take a look at these AWS Blogs posts:
Contenus pertinents
- demandé il y a un an
- demandé il y a un mois
- demandé il y a 3 mois
- demandé il y a 7 mois
AWS OFFICIELA mis à jour il y a 8 mois- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 2 ans