- Server side Encryption, objects are encrypted by AWS and keys are managed by AWS(SSE-S3)
- AWS Key Managed service to manage encryption and to maintain the key(SSE-KMS)
- Encryption data key will be provided by customer when copying the data and S3 will encrypt file/object using customer datakey and store the file/object (SSE-C)
- Encryption and key are managed by customer and files are copied after Encryption from client
Ref:
https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html
No comments:
Post a Comment