Doc AWS SDK 예제 GitHub 리포지토리에서 더 많은 SDK 예제를 사용할 수 있습니다. [AWS](https://github.com/awsdocs/aws-doc-sdk-examples) 기계 번역으로 제공되는 번역입니다. 제공된 번역과 원본 영어의 내용이 상충하는 경우에는 영어 버전이 우선합니다. # AWS SDK와 `PutBucketEncryption` 함께 사용 다음 코드 예시는 `PutBucketEncryption`의 사용 방법을 보여 줍니다. ------ #### [ Java ] **SDK for Java 2.x** GitHub에 더 많은 내용이 있습니다. [AWS 코드 예 리포지토리](https://github.com/awsdocs/aws-doc-sdk-examples/tree/main/javav2/example_code/s3/src/main/java/com/example/s3/directorybucket#code-examples)에서 전체 예를 찾고 설정 및 실행하는 방법을 배워보세요. 디렉터리 버킷에 버킷 암호화를 설정합니다. ``` import org.slf4j.Logger; import org.slf4j.LoggerFactory; import software.amazon.awssdk.regions.Region; import software.amazon.awssdk.services.kms.KmsClient; import software.amazon.awssdk.services.s3.S3Client; import software.amazon.awssdk.services.s3.model.PutBucketEncryptionRequest; import software.amazon.awssdk.services.s3.model.S3Exception; import software.amazon.awssdk.services.s3.model.ServerSideEncryption; import software.amazon.awssdk.services.s3.model.ServerSideEncryptionByDefault; import software.amazon.awssdk.services.s3.model.ServerSideEncryptionConfiguration; import software.amazon.awssdk.services.s3.model.ServerSideEncryptionRule; import static com.example.s3.util.S3DirectoryBucketUtils.createDirectoryBucket; import static com.example.s3.util.S3DirectoryBucketUtils.createKmsClient; import static com.example.s3.util.S3DirectoryBucketUtils.createKmsKey; import static com.example.s3.util.S3DirectoryBucketUtils.deleteDirectoryBucket; import static com.example.s3.util.S3DirectoryBucketUtils.scheduleKeyDeletion; /** * Sets the default encryption configuration for an S3 bucket as SSE-KMS. * * @param s3Client The S3 client used to interact with S3 * @param bucketName The name of the directory bucket * @param kmsKeyId The ID of the customer-managed KMS key */ public static void putDirectoryBucketEncryption(S3Client s3Client, String bucketName, String kmsKeyId) { // Define the default encryption configuration to use SSE-KMS. For directory // buckets, AWS managed KMS keys aren't supported. Only customer-managed keys // are supported. ServerSideEncryptionByDefault encryptionByDefault = ServerSideEncryptionByDefault.builder() .sseAlgorithm(ServerSideEncryption.AWS_KMS) .kmsMasterKeyID(kmsKeyId) .build(); // Create a server-side encryption rule to apply the default encryption // configuration. For directory buckets, the bucketKeyEnabled field is enforced // to be true. ServerSideEncryptionRule rule = ServerSideEncryptionRule.builder() .bucketKeyEnabled(true) .applyServerSideEncryptionByDefault(encryptionByDefault) .build(); // Create the server-side encryption configuration for the bucket ServerSideEncryptionConfiguration encryptionConfiguration = ServerSideEncryptionConfiguration.builder() .rules(rule) .build(); // Create the PutBucketEncryption request PutBucketEncryptionRequest putRequest = PutBucketEncryptionRequest.builder() .bucket(bucketName) .serverSideEncryptionConfiguration(encryptionConfiguration) .build(); // Set the bucket encryption try { s3Client.putBucketEncryption(putRequest); logger.info("SSE-KMS Bucket encryption configuration set for the directory bucket: {}", bucketName); } catch (S3Exception e) { logger.error("Failed to set bucket encryption: {} - Error code: {}", e.awsErrorDetails().errorMessage(), e.awsErrorDetails().errorCode()); throw e; } } ``` + API 세부 정보는 **AWS SDK for Java 2.x API 참조의 [PutBucketEncryption](https://docs.aws.amazon.com/goto/SdkForJavaV2/s3-2006-03-01/PutBucketEncryption)을 참조하세요. ------