# AwsS3BucketServerSideEncryptionByDefault Specifies the default server-side encryption to apply to new objects in the bucket. ## Contents ** KMSMasterKeyID ** AWS KMS key ID to use for the default encryption. Type: String Pattern: `.*\S.*` Required: No ** SSEAlgorithm ** Server-side encryption algorithm to use for the default encryption. Valid values are `aws: kms` or `AES256`. Type: String Pattern: `.*\S.*` Required: No ## See Also For more information about using this API in one of the language-specific AWS SDKs, see the following: + [AWS SDK for C\$1\$1](https://docs.aws.amazon.com/goto/SdkForCpp/securityhub-2018-10-26/AwsS3BucketServerSideEncryptionByDefault) + [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/securityhub-2018-10-26/AwsS3BucketServerSideEncryptionByDefault) + [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/securityhub-2018-10-26/AwsS3BucketServerSideEncryptionByDefault)