putBucketEncryption method
Written by
Updated at November 15, 2022
Adds encryption to the bucket. By default, the objects added to the bucket are encrypted with the specified KMS key. For more information about bucket encryption, see Encryption in Object Storage.
Request
PUT /{bucket}?encryption HTTP/2
Path parameters
Parameter | Description |
---|---|
bucket |
Bucket name. |
Headers
Use only common request headers in requests.
Response
Headers
Responses can only contain common response headers.
Response codes
For a list of possible responses, see Responses.
A successful response contains additional data in XML format with the schema described below.
Data schema
<ServerSideEncryptionConfiguration>
<Rule>
<ApplyServerSideEncryptionByDefault>
<KMSMasterKeyID>string</KMSMasterKeyID>
<SSEAlgorithm>string</SSEAlgorithm>
</ApplyServerSideEncryptionByDefault>
</Rule>
...
</ServerSideEncryptionConfiguration>
Element | Description |
---|---|
ApplyServerSideEncryptionByDefault |
Sets default encryption for the object, if other encryption parameters are omitted in the request. Path: ServerSideEncryptionConfiguration\Rule\ApplyServerSideEncryptionByDefault . |
KMSMasterKeyID |
ID of the KMS key. Path: ServerSideEncryptionConfiguration\Rule\ApplyServerSideEncryptionByDefault\KMSMasterKeyID . |
Rule |
Encryption policy on the server side. Encryption is defined by the KMSMasterKeyID and SSEAlgorithm elements.Path: ServerSideEncryptionConfiguration\Rule . |
ServerSideEncryptionConfiguration |
Encryption configuration used for new objects in the bucket by default. Path: ServerSideEncryptionConfiguration . |
SSEAlgorithm |
The encryption algorithm. Available values: aws:kms .Path: ServerSideEncryptionConfiguration\Rule\ApplyServerSideEncryptionByDefault\SSEAlgorithm . |