Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.S3.PutBucketEncryption

Contents

Creating a Request
Request Lenses
Destructuring the Response

Description

This action uses the encryption subresource to configure default encryption and Amazon S3 Bucket Key for an existing bucket.

Default encryption for a bucket can use server-side encryption with Amazon S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). If you specify default encryption using SSE-KMS, you can also configure Amazon S3 Bucket Key. For information about default encryption, see Amazon S3 default bucket encryption in the Amazon S3 User Guide. For more information about S3 Bucket Keys, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.

This action requires Amazon Web Services Signature Version 4. For more information, see Authenticating Requests (Amazon Web Services Signature Version 4).

To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration action. The bucket owner has this permission by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources in the Amazon S3 User Guide.

Related Resources

Creating a Request

data PutBucketEncryption Source #

See: newPutBucketEncryption smart constructor.

Constructors

PutBucketEncryption'

Fields

contentMD5 :: Maybe Text
The base64-encoded 128-bit MD5 digest of the server-side encryption configuration.
For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.
expectedBucketOwner :: Maybe Text
The account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.
bucket :: BucketName
Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Bucket Encryption in the Amazon S3 User Guide.
serverSideEncryptionConfiguration :: ServerSideEncryptionConfiguration

Instances

Instances details

Eq PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods (==) :: PutBucketEncryption -> PutBucketEncryption -> Bool # (/=) :: PutBucketEncryption -> PutBucketEncryption -> Bool #
Show PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods showsPrec :: Int -> PutBucketEncryption -> ShowS # show :: PutBucketEncryption -> String # showList :: [PutBucketEncryption] -> ShowS #
Generic PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Associated Types type Rep PutBucketEncryption :: Type -> Type # Methods from :: PutBucketEncryption -> Rep PutBucketEncryption x # to :: Rep PutBucketEncryption x -> PutBucketEncryption #
NFData PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods rnf :: PutBucketEncryption -> () #
Hashable PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods hashWithSalt :: Int -> PutBucketEncryption -> Int # hash :: PutBucketEncryption -> Int #
AWSRequest PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Associated Types type AWSResponse PutBucketEncryption # Methods request :: PutBucketEncryption -> Request PutBucketEncryption # response :: MonadResource m => Logger -> Service -> Proxy PutBucketEncryption -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse PutBucketEncryption))) #
ToHeaders PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods toHeaders :: PutBucketEncryption -> [Header] #
ToPath PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods toPath :: PutBucketEncryption -> ByteString #
ToQuery PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods toQuery :: PutBucketEncryption -> QueryString #
ToElement PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods toElement :: PutBucketEncryption -> Element #
type Rep PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption type Rep PutBucketEncryption = D1 ('MetaData "PutBucketEncryption" "Amazonka.S3.PutBucketEncryption" "libZSservicesZSamazonka-s3ZSamazonka-s3" 'False) (C1 ('MetaCons "PutBucketEncryption'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "contentMD5") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: S1 ('MetaSel ('Just "expectedBucketOwner") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :: (S1 ('MetaSel ('Just "bucket") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 BucketName) :*: S1 ('MetaSel ('Just "serverSideEncryptionConfiguration") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 ServerSideEncryptionConfiguration))))
type AWSResponse PutBucketEncryption Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption type AWSResponse PutBucketEncryption = PutBucketEncryptionResponse

newPutBucketEncryption Source #

Arguments

:: BucketName	`$sel:bucket:PutBucketEncryption'`
-> ServerSideEncryptionConfiguration	`$sel:serverSideEncryptionConfiguration:PutBucketEncryption'`
-> PutBucketEncryption

Create a value of PutBucketEncryption with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:contentMD5:PutBucketEncryption', putBucketEncryption_contentMD5 - The base64-encoded 128-bit MD5 digest of the server-side encryption configuration.

For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.

$sel:expectedBucketOwner:PutBucketEncryption', putBucketEncryption_expectedBucketOwner - The account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.

$sel:bucket:PutBucketEncryption', putBucketEncryption_bucket - Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Bucket Encryption in the Amazon S3 User Guide.

$sel:serverSideEncryptionConfiguration:PutBucketEncryption', putBucketEncryption_serverSideEncryptionConfiguration - Undocumented member.

Request Lenses

putBucketEncryption_contentMD5 :: Lens' PutBucketEncryption (Maybe Text) Source #

The base64-encoded 128-bit MD5 digest of the server-side encryption configuration.

For requests made using the Amazon Web Services Command Line Interface (CLI) or Amazon Web Services SDKs, this field is calculated automatically.

putBucketEncryption_expectedBucketOwner :: Lens' PutBucketEncryption (Maybe Text) Source #

The account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.

putBucketEncryption_bucket :: Lens' PutBucketEncryption BucketName Source #

Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). For information about the Amazon S3 default encryption feature, see Amazon S3 Default Bucket Encryption in the Amazon S3 User Guide.

putBucketEncryption_serverSideEncryptionConfiguration :: Lens' PutBucketEncryption ServerSideEncryptionConfiguration Source #

Undocumented member.

Destructuring the Response

data PutBucketEncryptionResponse Source #

See: newPutBucketEncryptionResponse smart constructor.

Constructors

PutBucketEncryptionResponse'

Instances

Instances details

Eq PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods (==) :: PutBucketEncryptionResponse -> PutBucketEncryptionResponse -> Bool # (/=) :: PutBucketEncryptionResponse -> PutBucketEncryptionResponse -> Bool #
Read PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods readsPrec :: Int -> ReadS PutBucketEncryptionResponse # readList :: ReadS [PutBucketEncryptionResponse] # readPrec :: ReadPrec PutBucketEncryptionResponse # readListPrec :: ReadPrec [PutBucketEncryptionResponse] #
Show PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods showsPrec :: Int -> PutBucketEncryptionResponse -> ShowS # show :: PutBucketEncryptionResponse -> String # showList :: [PutBucketEncryptionResponse] -> ShowS #
Generic PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Associated Types type Rep PutBucketEncryptionResponse :: Type -> Type # Methods from :: PutBucketEncryptionResponse -> Rep PutBucketEncryptionResponse x # to :: Rep PutBucketEncryptionResponse x -> PutBucketEncryptionResponse #
NFData PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption Methods rnf :: PutBucketEncryptionResponse -> () #
type Rep PutBucketEncryptionResponse Source #
Instance details Defined in Amazonka.S3.PutBucketEncryption type Rep PutBucketEncryptionResponse = D1 ('MetaData "PutBucketEncryptionResponse" "Amazonka.S3.PutBucketEncryption" "libZSservicesZSamazonka-s3ZSamazonka-s3" 'False) (C1 ('MetaCons "PutBucketEncryptionResponse'" 'PrefixI 'False) (U1 :: Type -> Type))

newPutBucketEncryptionResponse :: PutBucketEncryptionResponse Source #

Create a value of PutBucketEncryptionResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.