Use the encryption specified by the S3 bucket instead of SSE-KMS #4897
Unanswered
christianplatta1012
asked this question in
Help
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
All files written by Sagemaker seem to have SSE-KMS encryption even if the bucket is configured with SSE-S3 encryption.
We don't specify any KMS keys, therefore this seems to be a default behaviour when the kms key parameter is none.
Is there a configuration option to change this somewhere?
This is an issue for us because our bucket has a replication config that should move the files generated by sagemaker to another account. SSE-KMS encrypted objects are not replicated by default and we would need to create our own KMS key and do the IAM stuff for everything that is working with the files. This is a big overhead especially in a cross-account replication scenario
Beta Was this translation helpful? Give feedback.
All reactions