Encrypt Amazon S3 Objects with KMS Managed Keys
In this lab, you’ll practice creating KMS keys and configuring S3 buckets to encrypt objects using the keys by default. When you’re finished with this lab, you’ll have a server-side encryption solution for S3 including a key and a configured bucket.
Terms and conditions apply.
Challenge
Create KMS Key
You will use the AWS Key Management Service (AWS KMS) Console to create a key that will be used for server-side data encryption.
Challenge
Add Default Encryption to Existing S3 Bucket
You will enable default bucket encryption to an existing bucket using the AWS S3 Management Console.
Challenge
Copy Object to Encrypted S3 Bucket
You will copy an object to the encrypted S3 bucket from another S3 bucket. This will enable you to confirm that the default encryption is correctly configured.
Challenge
Change Object Encryption
You will change the encryption for an S3 object by adding encryption to an unencrypted object.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.
Recommended prerequisites
- There are no prerequisites for this lab.