Features

S3 Bucket Key for SSE-KMS encryption

  • New setting to decrease the number of API calls made to KMS from S3 by 99%.

  • Cost of overall KMS encryption with Amazon S3 by 99%.

  • This is acheived by levaraging data keys and S3 bucket key.

  • A customer master key is used to generate an S3 bucket key. This S3 bucket key will generate new data keys.

  • This data key is used to encrypt objects in S3 bucket.

  • This will lead to less KMS CloudTrail events.

PreviousKMS APINextCloud Hardware Security Module (HSM)

Last updated