From a1b9285cfa54a71074691928b6ab88144a7c59a1 Mon Sep 17 00:00:00 2001 From: perzycharles <37419121+perzycharles@users.noreply.github.com> Date: Mon, 25 Nov 2024 19:52:21 +0900 Subject: [PATCH] enable S3 Bucket key by default (#872) --- aws/logs_monitoring/template.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/aws/logs_monitoring/template.yaml b/aws/logs_monitoring/template.yaml index f6ee4c27..79b23133 100644 --- a/aws/logs_monitoring/template.yaml +++ b/aws/logs_monitoring/template.yaml @@ -724,7 +724,8 @@ Resources: - !Ref AWS::NoValue BucketEncryption: ServerSideEncryptionConfiguration: - - ServerSideEncryptionByDefault: + - BucketKeyEnabled: true + ServerSideEncryptionByDefault: SSEAlgorithm: "aws:kms" PublicAccessBlockConfiguration: BlockPublicAcls: true