Getting Information About The Encryption of Your Bucket

You can get information about the encryption configuration applied to a bucket.

Getting Information About The Encryption of Your Bucket Using AWS CLI (s3api)

Before you begin: Install and configure AWS CLI. For more information, see Installing and Configuring AWS CLI.

To get information about the encryption configuration applied to a bucket, use the get-bucket-encryption command following this syntax:

Request sample
$ aws s3api get-bucket-encryption \
    --profile YOUR_PROFILE \
    --bucket BUCKET \
    --debug \
    --endpoint https://oos.eu-west-2.outscale.com

This command contains the following options that you need to specify:

  • (optional) profile: The named profile you want to use, created when configuring AWS CLI.

  • bucket: The name of the bucket whose encryption configuration you want to retrieve.

  • (optional) debug: When included, returns a detailed log of the operation. This is useful to analyze and troubleshoot issues you may be encountering.

  • endpoint: The endpoint corresponding to the Region you want to send the request to.

The get-bucket-encryption command returns the following elements:

  • ServerSideEncryptionConfiguration: The rules that define how encryption is applied to the objects stored in the bucket.

    • Rules: One or more rules in the encryption configuration.

      • ApplyServerSideEncryptionByDefault: The default encryption settings applied to new objects stored in the bucket. It specifies which server-side encryption method is used and any associated configuration details.

        • SSEAlgorithm: The server-side encryption algorithm used to encrypt objects in the bucket (always AES256).

      • BucketKeyEnabled: Whether the cryptographic key is used per bucket or per account (always false). 3DS OUTSCALE provides a default main cryptographic key for your account to encrypt your data. For more information, see Bucket Encryption Configuration Reference.

Result sample
{
    "ServerSideEncryptionConfiguration": {
        "Rules": [
            {
                "ApplyServerSideEncryptionByDefault": {
                    "SSEAlgorithm": "AES256"
                },
                "BucketKeyEnabled": false
            }
        ]
    }
}

Related Pages

AWS™ and Amazon Web Services™ are trademarks of Amazon Technologies, Inc or its affiliates in the United States and/or other countries.