Add support for SSE aws:kms and kms-key-id #305
Comments
|
s3deploy's primary motivation is to deploy static sites. In my head, the data is meant to be public. What is the added value in encrypting it? |
|
Following NIST 800-171 or 800-53, all data must be encrypted in transit and
at rest. It does not matter if the content is public, I need to encrypt
all my S3 buckets. Thank you for your consideration.
…On Tue, Oct 11, 2022, 7:37 AM Bjørn Erik Pedersen ***@***.***> wrote:
s3deploy's primary motivation is to deploy static sites. In my head, the
data is meant to be public. What is the added value in encrypting it?
—
Reply to this email directly, view it on GitHub
<#305 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAYAAJ7RLVBPQMWGJGPDDGDWCVGQ3ANCNFSM6AAAAAAQV5RSUY>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I would love to use s3deploy instead of aws s3 cp, but I have to specify aws s3 cp --sse aws:kms --sse-kms-key-id arn:aws:kms:my-key in order to transfer files into my bucket. I do not see any options for using a customer-managed KMS key with s3deploy. If you could please add this feature, I would be able to take advantage of your tool. Thank you!
The text was updated successfully, but these errors were encountered: