Loading...

Enabling Server-Side Encryption with Amazon S3-Managed Keys (SSe-S3)

Data on Amazon S3 storage can be stored using server-side encryption with Amazon S3-Managed keys.

Procedure

  • To the MediaAgent computer, add the additional settings as shown in the following table.

    For instructions about adding an additional setting from the CommCell Console, see Adding an Additional Setting from the CommCell Console.

    Additional Setting

    Category

    Type

    Value

    nCloudS3ServerSideEncryption

    MediaAgent

    Integer

    Enter one of the following values:

    • 0: Do not use Server-Side Encryption (default)
    • 1: Use Server-Side Encryption with Amazon S3-Managed Keys (SSE-S3)
    • 2: Use Server-Side Encryption with AWS KMS-Managed Keys (SSE-KMS).

      Use MediaAgent/sCloudS3ServerSideEncryptionKMSKeyID to set the KMS key.

    • 4, 5 and 6: Currently not supported. Reserved for future use.

    MediaAgent

    String

    Use this key to set the KMS key ID, when the value of nCloudS3ServerSideEncryption is set to 2.

    Create the key from AWS console and get the KMS key ID.

    If this key is not set, the default AWS KMS key will be used.

Last modified: 2/5/2020 1:49:20 PM