Articles → AWS → AWS S3 Encryption

AWS S3 Encryption

In this article, we will discuss the AWS S3 encryption.

Types Of Encryptions

There are 2 types of encryptions: -

Client-side encryption → In client-side encryption, the data is encrypted locally before sending it to the S3 service. The s3 service has no role in encrypting or decrypting the data
Server-side encryption → In server-side encryption, data is encrypted by the S3 service

While creating the bucket, you have an option to enable the default encryption.

Click to Enlarge

For encryption and decryption, you can use 2 types of keys: -

Amazon S3 Key (SSE-S3) → These are the Amazon managed keys
AWS Key Management Service key (SSE-KMS) → These are the keys created by the user using the Key Management Service

Query/Feedback