Interface ServerSideEncryptionRule.Builder

All Superinterfaces:
Buildable, CopyableBuilder<ServerSideEncryptionRule.Builder,ServerSideEncryptionRule>, SdkBuilder<ServerSideEncryptionRule.Builder,ServerSideEncryptionRule>, SdkPojo
Enclosing class:
ServerSideEncryptionRule
@Mutable @NotThreadSafe public static interface ServerSideEncryptionRule.Builder extends SdkPojo, CopyableBuilder<ServerSideEncryptionRule.Builder,ServerSideEncryptionRule>

  • Method Details

    • applyServerSideEncryptionByDefault

      ServerSideEncryptionRule.Builder applyServerSideEncryptionByDefault(ServerSideEncryptionByDefault applyServerSideEncryptionByDefault)

      Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

      Parameters:
      applyServerSideEncryptionByDefault - Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.
      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • applyServerSideEncryptionByDefault

      default ServerSideEncryptionRule.Builder applyServerSideEncryptionByDefault(Consumer<ServerSideEncryptionByDefault.Builder> applyServerSideEncryptionByDefault)

      Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied.

      This is a convenience method that creates an instance of the ServerSideEncryptionByDefault.Builder avoiding the need to create one manually via ServerSideEncryptionByDefault.builder().

      When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to applyServerSideEncryptionByDefault(ServerSideEncryptionByDefault).

      Parameters:
      applyServerSideEncryptionByDefault - a consumer that will call methods on ServerSideEncryptionByDefault.Builder
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also:

    • bucketKeyEnabled

      ServerSideEncryptionRule.Builder bucketKeyEnabled(Boolean bucketKeyEnabled)

      Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 to use an S3 Bucket Key.

      • General purpose buckets - By default, S3 Bucket Key is not enabled. For more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.

      • Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

      Parameters:
      bucketKeyEnabled - Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the BucketKeyEnabled element to true causes Amazon S3 to use an S3 Bucket Key.

      • General purpose buckets - By default, S3 Bucket Key is not enabled. For more information, see Amazon S3 Bucket Keys in the Amazon S3 User Guide.

      • Directory buckets - S3 Bucket Keys are always enabled for GET and PUT operations in a directory bucket and can’t be disabled. S3 Bucket Keys aren't supported, when you copy SSE-KMS encrypted objects from general purpose buckets to directory buckets, from directory buckets to general purpose buckets, or between directory buckets, through CopyObject, UploadPartCopy, the Copy operation in Batch Operations, or the import jobs. In this case, Amazon S3 makes a call to KMS every time a copy request is made for a KMS-encrypted object.

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • blockedEncryptionTypes

      ServerSideEncryptionRule.Builder blockedEncryptionTypes(BlockedEncryptionTypes blockedEncryptionTypes)

      A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block PutObject, CopyObject, PostObject, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see Blocking an encryption type for a general purpose bucket.

      Currently, this parameter only supports blocking or unblocking Server Side Encryption with Customer Provided Keys (SSE-C). For more information about SSE-C, see Using server-side encryption with customer-provided keys (SSE-C).

      Parameters:
      blockedEncryptionTypes - A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block PutObject, CopyObject, PostObject, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see Blocking an encryption type for a general purpose bucket.

      Currently, this parameter only supports blocking or unblocking Server Side Encryption with Customer Provided Keys (SSE-C). For more information about SSE-C, see Using server-side encryption with customer-provided keys (SSE-C).

      Returns:
      Returns a reference to this object so that method calls can be chained together.

    • blockedEncryptionTypes

      default ServerSideEncryptionRule.Builder blockedEncryptionTypes(Consumer<BlockedEncryptionTypes.Builder> blockedEncryptionTypes)

      A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block PutObject, CopyObject, PostObject, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see Blocking an encryption type for a general purpose bucket.

      Currently, this parameter only supports blocking or unblocking Server Side Encryption with Customer Provided Keys (SSE-C). For more information about SSE-C, see Using server-side encryption with customer-provided keys (SSE-C).

      This is a convenience method that creates an instance of the BlockedEncryptionTypes.Builder avoiding the need to create one manually via BlockedEncryptionTypes.builder().

      When the Consumer completes, SdkBuilder.build() is called immediately and its result is passed to blockedEncryptionTypes(BlockedEncryptionTypes).

      Parameters:
      blockedEncryptionTypes - a consumer that will call methods on BlockedEncryptionTypes.Builder
      Returns:
      Returns a reference to this object so that method calls can be chained together.
      See Also: