DEV Community

Cover image for Amazon S3 Encryption

Posted on

Amazon S3 Encryption


While in-transit .ie. data traveling to and from Amazon S3-use
SSL/TLS and while at rest .ie. data stored on disks in Amazon S3 data centers - use SSE, CSE.

Server Side Encryption options (SSE):

  • SSE-S3: AWS S3 Managed keys. Each object encrypted with unique key. Cost effective.
  • SSE-KMS: Customer Master Keys stored in AWS Key Management Service.
  • SSE-C: Customer-Provided keys

Client Side Encryption (CSE):

Encrypting data before sending it to Amazon S3.

Image by Markus Spiske from Pixabay

Top comments (0)