Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Associate AWS SAA Study Guide – is it SSE or CSE on page 80? Reply To: AWS SAA Study Guide – is it SSE or CSE on page 80?

  • Gerome-TutorialsDojo

    Member
    December 24, 2020 at 9:50 am

    Hello Donda,

    Thanks for the feedback.

    What isn’t replicated section, there is a point “Objects created with server-side encryption using AWS KMS–managed encryption (SSE-KMS) keys.”.

    — Yes, that’s correct. Objects created with server-side encryption using CMKs stored in AWS KMS is not replicated. Take note that replication does not support client-side encryption.

    “Both unencrypted objects and objects encrypted using Amazon S3 managed keys (SSE-S3) or AWS KMS managed keys (SSE-KMS)”.

    — By default Amazon S3 replicates the following: Unencrypted objects, Objects encrypted at rest under Amazon S3 managed keys (SSE-S3) or CMKs stored in AWS Key Management Service (SSE-KMS).

    Sources:

    https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html

    https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-config-for-kms-objects.html

    Let us know if you need further assistance. The Tutorials Dojo team is dedicated to helping you pass your AWS exam on your first try!

    Regards,

    Gerome @ Tutorials Dojo