We need a working AWS account with the following resources configured:

1. A bucket: I will be using a bucket with the name awsseccookbook. Replace it with your bucket name. 
2. A user with administrator permission on S3: Configure a CLI profile for this user. I will be calling both the user and the profile on the awssecadmin CLI.
3. A customer-managed key created in KMS: Follow the Creating keys in KMS recipe in Chapter 4, Key Management with KMS and CloudHSM, to create a key. I have created one named MyS3Key.