How to enable Amazon S3 default bucket encryption using S3 Console

Posted on Temitope Odemo By Temitope Odemo No Comments on How to enable Amazon S3 default bucket encryption using S3 Console
Amazon S3

In this guide, I will be showing you how to enable default encryption on an Amazon S3 bucket so that all the objects are encrypted when they are stored in the bucket. The objects are encrypted using server-side encryption with either Amazon S3-managed keys (SSE-S3) or AWS Key Management Service (AWS KMS) keys. But our focus in this guide will be on AWS KMS. For other related AWS topics you can read: How to manage cost with AWS Budgets, Creating IAM Users, Adding MFA and Policies on AWS, Hosting Static Website and Versioning on AWS S3, How to Deploy Dynamic Website to AWS EC2, How to Deploy MVC Application to AWS EC2 Using RDP Connection and Web Deploy.

A step-by-step process on how to create an S3 bucket is covered in this guide: How to deploy an Angular App to AWS S3

Furthermore, Log in to the AWS Management Console and open the Amazon S3 console:  https://console.aws.amazon.com/s3/

default bucket encryption
Login Page
  • However, from the Buckets list select the name of the bucket that you want to encrypt.
enable
Bucket List
  • Choose Properties
S3 Console
Bucket Overview
  • Scroll down to Default encryption, click on Edit
Amazon S3
Default Encryption
  • Moreover, In order to enable server-side encryption, select Enable
  • In addition, To enable server-side encryption, you can either choose the Amazon S3 key (SSE-S3) or the AWS Key Management Service key (SSE-KMS) under the Encryption key type. But in this guide, we will use the SSE-KMS Encryption key type.
S3 Console
AWS Key Management Service Key

Nonetheless, Under the AWS KMS key section, you can select any of the following:

  • AWS managed key (aws/s3)
  • Choose from your KMS root keys.
  • Enter KMS root key ARN.

Consequently, In this guide, we will select Choose from your AWS KMS Keys, and we will Create Key

image-44
AWS KMS Key

Similarly, Click on the Create key button and select Symmetric, you can leave the Advanced options as it is.

image-45
Configuring the Key

Nevertheless, Enter the Alias and other sections are optional.

image-46
Adding Alias

Therefore, In the next section, you will need to define key administrative permissions like key administrators, and also you will need to define the critical usage permissions.

image-47
Key Configuration

Additionally, The key policy will be created by the time you click on the Finish button.

image-48
Key Policy

Key created below

image-49
Customer Managed Keys

Furthermore, Now select the key you created and under Bucket Key, choose Enable.

image-50
AWS KMS Key

Click Save Changes to Encrypt your S3 Bucket.

image-51
Bucket Overview

I hope you found this blog post on How to enable Amazon S3 default bucket encryption using S3 Console very interesting and helpful. In case you have any questions do not hesitate to ask in the comment section.

Rate this post
AWS/Azure/OpenShift Tags:, , , ,

Related Posts

More Related Articles

azurv2 1 How to scale up and scale out on Azure AWS/Azure/OpenShift
M365 Password Reset How to reset Microsoft 365 User Password AWS/Azure/OpenShift
article 1280x720.192a2586 1 How to apply Windows Updates from WSUS to AWS Instances AWS/Azure/OpenShift
Opswork blog 1440x800 1 Get Started with OpsWorks for Chef Automate AWS/Azure/OpenShift
image 11 Setting Up your Amazon S3 Glacier and FastGlacier for Your Online Vault AWS/Azure/OpenShift
How to configure Azure container register with secured connection with container apps Configure Azure Container Registry for a secure connection with Azure Container Apps AWS/Azure/OpenShift

Leave a Reply