Data encryption is basically the process of securing information in a way that it can only be accessed by a specific key. In this article, I am going to show you how to encrypt your s3 bucket using the s3 server-side encryption (SSE-S3). You can choose to create a new bucket, or encrypt an already created bucket.

Another method of encrypting your data on AWS is through the Key Management Service. It is somewhat different from server-side encryption. You can find a step-by-step walk-through on it here

When using server-side encryption, you are basically encrypting your data with a default manage key that will be generated by Amazon Web Services (AWS). In this post, I will walk you through server side encryption of your s3 bucket. I will also show you how to encrypt your data before uploading it to the bucket. Let’s get right to it

Server-side Encryption of S3 bucket

1. Sign in to AWS Console (

2. Drop down the “Services” tab and select “S3” in the “Storage” menu.

An interface will be displayed to you where you can select the s3 bucket you want to encrypt; or create a new s3 bucket

For the purpose of this article, I will be creating a new s3 bucket.

3. Click on the “Create bucket” button in the top right corner.

create s3 bucket

4. Input your bucket name and region. I have named our sample bucket as “blogtestbucket”.

5. After successfully creating a new bucket, select the “Bucket details” button in the top right corner. This will take you to your bucket page. There you will find the “Overview”, “Properties”, “Permissions”, “Management”, and “Access Points” tab.

6. Select the “Properties” tab and click on “Default encryption”.

7. Next, select the “AES-256” option. This is the option to use server-side encryption with S3-managed keys for your bucket.

Encrypt s3 Bucket Using Server-Side Encryption

Click “Save” to successfully encrypt your s3 bucket using server-side encryption. Your “Default encryption” tab should look like the image below when you are done.

Encrypted s3 Bucket Using Server-Side Encryption

Note: If you want to encrypt an already created bucket, skip steps 3 to 5. Proceed from step 6.

Server-side Encryption of Data

Just in case you want to encrypt your data using server-side encryption before uploading it to your s3 bucket, follow the following steps. It’s quite easy.

1. Select the s3 bucket you want to upload data into, and as expected, select the “Upload” button.

2. Select the file(s) you want to upload, and click “Next”.

3. Scroll down to the Encryption section and select the “Amazon s3 master-key” option.

4. Complete the uploading process and you are all set.

If you found any aspect of this walk-through helpful, you can share with any of the buttons below. Questions are welcomed in the comments section.

Call Now Button