My Saved Presets
You must be logged in to view saved presets

Loading Library ...

S3 Bucket with Server-Side Encryption using KMS Key

This template configures an S3 bucket with server-side encryption using an AWS KMS key.

mykey

aws_kms_key





depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



mybucket

aws_s3_bucket


grant

permissions


cors_rule

allowed_headers

allowed_methods

allowed_origins

expose_headers

lifecycle_rule


expiration

transition


noncurrent_version_expiration
noncurrent_version_transition

logging


object_lock_configuration

rule
apply_server_side_encryption_by_default


replication_configuration

rules
destination



access_control_translation


replication_time
metrics
filter



source_selection_criteria
sse_kms_encrypted_objects
server_side_encryption_configuration
rule
apply_server_side_encryption_by_default

versioning
website



routing_rules

depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



example

aws_s3_bucket_server_side_encryption_configuration



rule
apply_server_side_encryption_by_default


depends_on


lifecycle

ignore_changes

replace_triggered_by

precondition


postcondition



Terraform Template

resource "aws_kms_key" "mykey" {
  deletion_window_in_days = 10
  description = "This key is used to encrypt bucket objects"
}

resource "aws_s3_bucket" "mybucket" {
  bucket = "mybucket"
}

resource "aws_s3_bucket_server_side_encryption_configuration" "example" {
  bucket = aws_s3_bucket.mybucket.id

  rule {

    apply_server_side_encryption_by_default {
      kms_master_key_id = aws_kms_key.mykey.arn
      sse_algorithm = "aws:kms"
    }
  }
}

© 2024 asecurecloud. All rights reserved.