The easiest way to secure data on S3 is via the S3 console.
As we don't have any S3 buckets in our sample application, we will create the bucket and configure it to store data in encrypted form:
- In the Amazon S3 console, click on the Create bucket button:
- In the Create bucket pop-up window, specify a name for the bucket and the region. Click on the Next button:
.
- Select the AWS-KMS option for server-side encryption using AWS KMS Manager:
- Next, specify the permissions on the bucket. Here, we do not grant public access to the bucket as we only access S3 from within our application. Click on the Next button:
- Review the information presented and click on the Create bucket button:
>
- You should see your newly created S3 bucket as shown:
