AWS Certified Developer - Associate
Get started today
Ultimate access to all questions.
You are maintaining a widely-used web application that retrieves data from an Amazon Simple Storage Service (S3) bucket. The application's development team utilizes the AWS SDK to manage the application and introduce new functionalities. As part of security compliance measures, it is mandated that all new objects uploaded to the S3 bucket be encrypted with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3) during the upload process. To comply with this security requirement, which specific headers should the developers include in their upload requests?
You are maintaining a widely-used web application that retrieves data from an Amazon Simple Storage Service (S3) bucket. The application's development team utilizes the AWS SDK to manage the application and introduce new functionalities. As part of security compliance measures, it is mandated that all new objects uploaded to the S3 bucket be encrypted with Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3) during the upload process. To comply with this security requirement, which specific headers should the developers include in their upload requests?
Explanation:
'x-amz-server-side-encryption': 'AES256'
Server-side encryption protects data at rest. Amazon S3 encrypts each object with a unique key. As an additional safeguard, it encrypts the key itself with a master key that it rotates regularly. Amazon S3 server-side encryption uses one of the strongest block ciphers available to encrypt your data, 256-bit Advanced Encryption Standard (AES-256).
SSE-S3 Overview: