/AWS1/CL_S3_SSEKMSENCRYPTION¶

If SSEKMS is specified for ObjectEncryption, this data type specifies the Amazon Web Services KMS key Amazon Resource Name (ARN) to use and whether to use an S3 Bucket Key for server-side encryption using Key Management Service (KMS) keys (SSE-KMS).

`CONSTRUCTOR`¶

IMPORTING¶

Required arguments:¶

`iv_kmskeyarn` `TYPE /AWS1/S3_NONEMPTYKMSKEYARNSTR` `/AWS1/S3_NONEMPTYKMSKEYARNSTR`¶

Specifies the Amazon Web Services KMS key Amazon Resource Name (ARN) to use for the updated server-side encryption type. Required if ObjectEncryption specifies SSEKMS.

You must specify the full Amazon Web Services KMS key ARN. The KMS key ID and KMS key alias aren't supported.

Pattern: (arn:aws[-a-z0-9]:kms:[-a-z0-9]:[0-9]{12}:key/.+)

Optional arguments:¶

`iv_bucketkeyenabled` `TYPE /AWS1/S3_BUCKETKEYENABLED` `/AWS1/S3_BUCKETKEYENABLED`¶

Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). If this value isn't specified, it defaults to false. Setting this value to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. For more information, see Using Amazon S3 Bucket Keys in the Amazon S3 User Guide.

Valid Values: true | false

Queryable Attributes¶

KMSKeyArn¶

Specifies the Amazon Web Services KMS key Amazon Resource Name (ARN) to use for the updated server-side encryption type. Required if ObjectEncryption specifies SSEKMS.

You must specify the full Amazon Web Services KMS key ARN. The KMS key ID and KMS key alias aren't supported.

Pattern: (arn:aws[-a-z0-9]:kms:[-a-z0-9]:[0-9]{12}:key/.+)

Accessible with the following methods¶

Method	Description
`GET_KMSKEYARN()`	Getter for KMSKEYARN, with configurable default
`ASK_KMSKEYARN()`	Getter for KMSKEYARN w/ exceptions if field has no value
`HAS_KMSKEYARN()`	Determine if KMSKEYARN has a value

BucketKeyEnabled¶

Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). If this value isn't specified, it defaults to false. Setting this value to true causes Amazon S3 to use an S3 Bucket Key for object encryption with SSE-KMS. For more information, see Using Amazon S3 Bucket Keys in the Amazon S3 User Guide.

Valid Values: true | false

Accessible with the following methods¶

Method	Description
`GET_BUCKETKEYENABLED()`	Getter for BUCKETKEYENABLED, with configurable default
`ASK_BUCKETKEYENABLED()`	Getter for BUCKETKEYENABLED w/ exceptions if field has no va
`HAS_BUCKETKEYENABLED()`	Determine if BUCKETKEYENABLED has a value

/AWS1/CL_S3_SSEKMSENCRYPTION¶

CONSTRUCTOR¶

IMPORTING¶

Required arguments:¶

iv_kmskeyarn TYPE /AWS1/S3_NONEMPTYKMSKEYARNSTR /AWS1/S3_NONEMPTYKMSKEYARNSTR¶

Optional arguments:¶

iv_bucketkeyenabled TYPE /AWS1/S3_BUCKETKEYENABLED /AWS1/S3_BUCKETKEYENABLED¶

Queryable Attributes¶

KMSKeyArn¶

Accessible with the following methods¶

BucketKeyEnabled¶

Accessible with the following methods¶

`CONSTRUCTOR`¶

`iv_kmskeyarn` `TYPE /AWS1/S3_NONEMPTYKMSKEYARNSTR` `/AWS1/S3_NONEMPTYKMSKEYARNSTR`¶

`iv_bucketkeyenabled` `TYPE /AWS1/S3_BUCKETKEYENABLED` `/AWS1/S3_BUCKETKEYENABLED`¶