1回答
- 新しい順
- 投票が多い順
- コメントが多い順
0
Hi,
In general, customer (security team, engineer team) should choose which encryption method to use according to their requests. AWS provides multiple exclusive options, and recommend to ensure your service encrypt at rest, encrypt at transit.
For S3, by default, the encryption is disabled. You can enable it by choosing either Amazon S3-Managed Keys (SSE-S3) or AWS Key Management Service (SSE-KMS). In summary, the former option use the key managed by AWS, which reduce the overhead to configure KMS key. The latter you have the flexibility to create and manage your KMS key.
More details: https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html https://docs.aws.amazon.com/kms/latest/developerguide/services-s3.html
Thanks,
回答済み 1年前
関連するコンテンツ
- 質問済み 2ヶ月前
- 質問済み 6年前
- 質問済み 6年前
- AWS公式更新しました 2年前
- AWS公式更新しました 9ヶ月前