AWS S3 Bucket Enable Encryption

pgali · February 16, 2018, 4:41pm

SLS provides configuration settings to define buckets created by SLS to be encrypted. I am looking for an example were I can use the same syntax to encrypt my buckets I defined as resources in my ssl yaml file

Thank you in advance.

chgerkens · February 26, 2018, 1:02pm

You can enable default server-side encryption in the resources (cloudformation) section of your serverless.yml file. Example for AES256 encryption:

resources:
  Resources:
    MyDefaultEncryptedBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: mydefaultencryptedbucket
        BucketEncryption:
          ServerSideEncryptionConfiguration:
            - ServerSideEncryptionByDefault:
                SSEAlgorithm: AES256

See also cloudformation user guide: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-bucketencryption.html

If you want to enforce encryption, you have to add a policy: https://aws.amazon.com/de/blogs/security/how-to-prevent-uploads-of-unencrypted-objects-to-amazon-s3/

Selimcse98 · July 18, 2018, 5:09pm

JSON:
{
“Resources”: {
“MyBucket”: {
“Type” : “AWS::S3::Bucket”,
“Properties” : {
“BucketEncryption”: {
“ServerSideEncryptionConfiguration”: [
{
“ServerSideEncryptionByDefault”: {
“SSEAlgorithm”: “AES256”
}
}
]
}
}
}
}
}

Topic		Replies	Views
Default deployment bucket SSE Serverless Framework	3	2953	July 20, 2021
Creating S3 bucket with SSE (Server Side Encryption) Serverless Framework aws	4	2981	September 24, 2020
Encrypt cloudformation S3 bucket Serverless Framework aws , security	0	554	May 11, 2020
Dynamodb Table Encryption Serverless Framework	2	3908	February 16, 2018
How to specify S3 bucket VersioningConfiguration in serverless.yml Serverless Framework	1	4035	January 30, 2019

AWS S3 Bucket Enable Encryption

Related topics