I just started to enable server side encryption on all my buckets:
MyBucket:
Type: AWS::S3::Bucket
Properties:
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
I can still access the data through the console and my lambdas.
But for future use of the bucket and data on it. Does this encryption impact:
- Upload/download via presigned url?
- Manipulating the data in kinesis data firehose
- Analytics on the data via Athena?
Or can we use this services as is and AWS handles the encryption for us when the services try to access the data on the bucket?
CodePudding user response:
There will be no impact if you are using AES256
encryption. If you switched to using a KMS key for S3 encryption then you would have to provide IAM permissions to use the KMS key to any services interacting with the S3 bucket.