aws-cdk-lib.aws_s3_deployment.ServerSideEncryption

enum ServerSideEncryption

LanguageType name
.NETAmazon.CDK.AWS.S3.Deployment.ServerSideEncryption
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awss3deployment#ServerSideEncryption
Javasoftware.amazon.awscdk.services.s3.deployment.ServerSideEncryption
Pythonaws_cdk.aws_s3_deployment.ServerSideEncryption
TypeScript (source)aws-cdk-lib » aws_s3_deployment » ServerSideEncryption

Indicates whether server-side encryption is enabled for the object, and whether that encryption is from the AWS Key Management Service (AWS KMS) or from Amazon S3 managed encryption (SSE-S3).

See also: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#SysMetadata

Example

const websiteBucket = new s3.Bucket(this, 'WebsiteBucket', {
  websiteIndexDocument: 'index.html',
  publicReadAccess: true,
});

new s3deploy.BucketDeployment(this, 'DeployWebsite', {
  sources: [s3deploy.Source.asset('./website-dist')],
  destinationBucket: websiteBucket,
  destinationKeyPrefix: 'web/static', // optional prefix in destination bucket
  metadata: { A: "1", b: "2" }, // user-defined metadata

  // system-defined metadata
  contentType: "text/html",
  contentLanguage: "en",
  storageClass: s3deploy.StorageClass.INTELLIGENT_TIERING,
  serverSideEncryption: s3deploy.ServerSideEncryption.AES_256,
  cacheControl: [
    s3deploy.CacheControl.setPublic(),
    s3deploy.CacheControl.maxAge(Duration.hours(1)),
  ],
  accessControl: s3.BucketAccessControl.BUCKET_OWNER_FULL_CONTROL,
});

Members

NameDescription
AES_256'AES256'.
AWS_KMS'aws:kms'.

AES_256

'AES256'.


AWS_KMS

'aws:kms'.