Configure S3 Bucket Encryption

The dataserver.aws.s3.bucket.encryption.check.enable configuration flag controls automatic fetching of bucket encryption settings from AWS S3.

When enabled, DataServer calls AWS S3 to detect each bucket's encryption settings and automatically adds KMS permissions to STS tokens if the bucket uses SSE-KMS encryption. The default value is false.

  1. SSH to the instance where Privacera Manager is installed.
  2. Run the following command to open the vars.dataserver.aws.yml file.
    Bash
    vi ~/privacera/privacera-manager/config/custom-vars/vars.dataserver.aws.yml 
    
  3. Uncomment the DATA_SERVER_AWS_S3_BUCKET_ENCRYPTION_CHECK_ENABLE property and set it to "true":
    YAML
    DATA_SERVER_AWS_S3_BUCKET_ENCRYPTION_CHECK_ENABLE: "true"
    
  4. Once the properties are configured, refer to the Privacera Manager Quickstart.
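
The check described at the top of this page, sketched as an added example (not Privacera DataServer code): it reads a constructed S3 GetBucketEncryption response and decides whether a KMS permission statement is needed. The function name, the sample responses, and the two KMS actions are assumptions made for illustration.

```python
# Added illustration; not Privacera code. The input follows the shape of the
# S3 GetBucketEncryption response; the sample responses below are constructed.

KMS_ALGORITHMS = {"aws:kms", "aws:kms:dsse"}  # SSE-KMS and dual-layer SSE-KMS
# Assumption: the actions an S3 client needs on the key to read and write objects.
ASSUMED_KMS_ACTIONS = ["kms:Decrypt", "kms:GenerateDataKey"]


def plan_kms_access(encryption_response):
    """Decide whether KMS permissions are needed and scope them to the bucket's key."""
    config = encryption_response.get("ServerSideEncryptionConfiguration", {})
    key_arns, needs_lookup = [], False
    for rule in config.get("Rules", []):
        default = rule.get("ApplyServerSideEncryptionByDefault", {})
        if default.get("SSEAlgorithm") not in KMS_ALGORITHMS:
            continue  # SSE-S3 (AES256): no KMS permission required
        key = default.get("KMSMasterKeyID", "")
        if key.startswith("arn:") and ":key/" in key:
            key_arns.append(key)
        else:
            # Missing id (AWS managed key), bare key id, or alias: resolve to a
            # key ARN first instead of falling back to Resource "*".
            needs_lookup = True
    statement = None
    if key_arns:
        statement = {
            "Effect": "Allow",
            "Action": list(ASSUMED_KMS_ACTIONS),
            "Resource": sorted(set(key_arns)),
        }
    return {
        "uses_sse_kms": bool(key_arns) or needs_lookup,
        "statement": statement,
        "needs_key_lookup": needs_lookup,
    }


def _response(default):
    """Wrap one default-encryption rule in the response envelope (constructed data)."""
    return {"ServerSideEncryptionConfiguration": {
        "Rules": [{"ApplyServerSideEncryptionByDefault": default}]}}


SAMPLE_KEY_ARN = "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
SSE_S3_BUCKET = _response({"SSEAlgorithm": "AES256"})
SSE_KMS_BUCKET = _response({"SSEAlgorithm": "aws:kms", "KMSMasterKeyID": SAMPLE_KEY_ARN})
SSE_KMS_MANAGED_KEY_BUCKET = _response({"SSEAlgorithm": "aws:kms"})
```

Scoping the statement to the bucket's own key ARN keeps the added permission as narrow as the bucket's encryption configuration allows.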