Home › Forums › AWS › AWS Certified Security – Specialty › S3 Encryption Features
Tagged: s3, s3encryption
-
S3 Encryption Features
AlexanderPearce updated 4 years, 3 months ago 2 Members · 3 Posts -
Hi John,
Would you please confirm/correct the features of SSE encryption ?
SSE-S3:
A. Use Envelope Encryption – Yes
B. Audit Trail – No
C. Least Cost – Yes
D. Automates key rotation – Yes
E. Data Encryption – Yes
F. Metadata Encryption – Yes
SSE-KMS:
A. Use Envelope Encryption – Yes
B. Audit Trail – Yes
C. Least Cost – No
D. Automates key rotation – Yes
E. Data Encryption – Yes
F. Metadata Encryption – No
<u style=”font-family: inherit; font-size: inherit;”>SSE-C:
A. Use Envelope Encryption – ?
B. Audit Trail – ?
C. Least Cost – ?
D. Automates key rotation – No
E. Data Encryption – Yes
F. Metadata Encryption – ?
-
Hi Alexander,
For SSE-S3, it only encrypts the object data, not object metadata. So you might have to update the “Metadata Encryption” in your list. More information here:
https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html
In my opinion, as long as you know the basic difference between these three options, you’re good to go. Another important thing to know is the difference of different types of CMKs in the AWS KMS.
You can check out the flashcards that I added in the course for the complete information.
Let us know if you need further assistance. The Tutorials Dojo team is dedicated to help you pass your AWS exam on your first try!
Regards,
Jon Bonso @ Tutorials Dojo
-
Thank you, Jon.
I will check the flashcards section.
I also start reading from AWS docs. Too many to read : )
Appreciate your guideline.
Log in to reply.