How to make S3 bucket with CMK public?

Team, I have a use case to make an S3 bucket public that is encrypted with Customer Managed Key. For private buckets, we grant the principals access to the Key in KMS service, but how do i grant access to KMS key for all the public users. I tried Principal * and it didn't work. Any suggestions?

主題

安全性、身分識別與合規 AWS Well-Architected Framework

標籤

AWS Key Management Service AWS Identity and Access Management AWS IAM Identity Center 安全性

語言

English

balajepalli

已提問 2 個月前檢視次數 324 次

1 個回答

最新
最多得票
最多評論

Accessing to objects encrypted with SSE-KMS requires IAM permission to decrypt. If you need to make the objects completely public, either don't use the default bucket encryption or use SSE-S3.

專家

AWS-User-alantam

已回答 2 個月前

專家

Sedat Salman

已審閱 2 個月前

專家

Oleksii Bebych

已審閱 2 個月前

專家

Mikel Del Tio

已審閱 2 個月前

balajepalli
2 個月前
To be sure, you are saying if i have to make my objects public I can only use SSE-S3, right?
AWS-User-alantam 專家
2 個月前
yes, if you want to make the objects publicly available to everyone without authentication.

How to make S3 bucket with CMK public?

相關內容