When I activate default encryption on my Amazon S3 bucket, do I need to update my bucket policy so that objects in the bucket are encrypted?
2 minute read
I activated default encryption on my Amazon Simple Storage Service (Amazon S3) bucket. Do I need to change my bucket policy to make sure that objects stored in my bucket are encrypted?
No, you don't need to update your bucket policy to make sure that objects stored in my bucket are encrypted. If you activate default encryption, and a user uploads an object without encryption information, then Amazon S3 uses the default encryption method that you specify. If a user specifies encryption information in the PUT request, then Amazon S3 uses the encryption specified in the request.
This behavior applies to encryption with keys that are: