How do you set SSE-S3 or SSE-KMS encryption on S3 buckets using Cloud Formation Template?

Question

I\'m trying to use a CloudFormation Template to spin up an S3 Bucket in AWS. One of the requirements for this project is that the bucket be encrypted in place. I\'ve been

Answer 1

If you have a specific KMS key use the following

  ConfigBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: "mytestbucketwithkmsencryptionkey"
      AccessControl: PublicRead
      BucketEncryption: 
        ServerSideEncryptionConfiguration: 
        - ServerSideEncryptionByDefault:
            SSEAlgorithm: aws:kms
            KMSMasterKeyID: "YOUR KMS KEY ARN"