Add support for SSE aws:kms and kms-key-id

[brilong]

I would love to use s3deploy instead of aws s3 cp, but I have to specify aws s3 cp --sse aws:kms --sse-kms-key-id arn:aws:kms:my-key in order to transfer files into my bucket. I do not see any options for using a customer-managed KMS key with s3deploy. If you could please add this feature, I would be able to take advantage of your tool. Thank you!

[bep]

s3deploy's primary motivation is to deploy static sites. In my head, the data is meant to be public. What is the added value in encrypting it?

[brilong]

Following NIST 800-171 or 800-53, all data must be encrypted in transit and at rest. It does not matter if the content is public, I need to encrypt all my S3 buckets. Thank you for your consideration.

On Tue, Oct 11, 2022, 7:37 AM Bjørn Erik Pedersen @.***> wrote:

s3deploy's primary motivation is to deploy static sites. In my head, the data is meant to be public. What is the added value in encrypting it?

— Reply to this email directly, view it on GitHub https://github.com/bep/s3deploy/issues/305#issuecomment-1274545074, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAYAAJ7RLVBPQMWGJGPDDGDWCVGQ3ANCNFSM6AAAAAAQV5RSUY . You are receiving this because you authored the thread.Message ID: @.***>