Encrypt Amazon S3 Objects with KMS Managed Keys
In this lab, you’ll practice creating KMS keys and configuring S3 buckets to encrypt objects using the keys by default. When you’re finished with this lab, you’ll have a server-side encryption solution for S3 including a key and a configured bucket.
Terms and conditions apply.
Create KMS Key
You will use the AWS Key Management Service (AWS KMS) Console to create a key that will be used for server-side data encryption.
Add Default Encryption to Existing S3 Bucket
You will enable default bucket encryption to an existing bucket using the AWS S3 Management Console.
Copy Object to Encrypted S3 Bucket
You will copy an object to the encrypted S3 bucket from another S3 bucket. This will enable you to confirm that the default encryption is correctly configured.
Change Object Encryption
You will change the encryption for an S3 object by adding encryption to an unencrypted object.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
- There are no prerequisites for this lab.