Lab 4 1: S3 Server side Encryption Server Provided Keys - nicolas-tullio/Tech-Journal GitHub Wiki

Deliverables

Submit screenshot of your S3 bucket with a file stored in it.

image

Submit screenshot of your KMS key listed in the console

image

Screenshot showing properties of a file in your S3 bucket that is encrypted with S3 Master Key

image

image

Screenshot showing properties of a file in your S3 bucket that is encrypted with your AWS KMS key

image

image

Steps

Create bucket using S3 Server Side Encryption

image image

Upload a small file as a test

image

Create a Customer Managed Key in KMS

image

image

image

image

image

Use native S3 SSE (S3 Master Key) to protect a file in S3 Bucket

Click Upload to add a file to your S3 Bucket

  • Expand Properties
  • Select "Specify and encryption key"
  • Override bucket settings
  • Select SSE-S3 (this uses AWS's managed key)

image

Use native AWS KMS SSE (KMS Master Key) to protect a file in S3 Bucket

image