Answer-first summary for fast verification
Answer: 'x-amz-server-side-encryption': 'aws:kms'
'x-amz-server-side-encryption': 'aws:kms' Server-side encryption is the encryption of data at its destination by the application or service that receives it. AWS Key Management Service (AWS KMS) is a service that combines secure, highly available hardware and software to provide a key management system scaled for the cloud. Amazon S3 uses AWS KMS customer master keys (CMKs) to encrypt your Amazon S3 objects. AWS KMS encrypts only the object data. Any object metadata is not encrypted. If the request does not include the x-amz-server-side-encryption header, then the request is denied.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your development team is working on a web application that utilizes the AWS SDK for Java to upload files to various Amazon Simple Storage Service (S3) buckets. The uploads use server-side encryption with AWS Key Management Service (SSE-KMS). Recently, developers have encountered permission errors when attempting to upload objects over HTTP. To resolve these issues, which of the following headers should be included in their request?
A
'x-amz-server-side-encryption': 'SSE-S3'
B
'x-amz-server-side-encryption': 'AES256'
C
'x-amz-server-side-encryption': 'SSE-KMS'
D
'x-amz-server-side-encryption': 'aws:kms'
No comments yet.