I want to store a lot of files in Amazon S3 for my application. I have an option to use server-side encryption or client-side encryption or both.
By server-side encryption, I mean using the Amazon S3 encryption feature to encrypt files. And by client-side encryption, I mean that I will encrypt files in my application and then store them in S3.
Which one is preferred? Both methods have different advantages: server-side encryption will be good in processing, as Amazon has used full optimization, but with client-side encryption I am not dependent on Amazon; in the future I can easily transfer my files to another file system and my encryption would be intact. Also, if someone gets access to my Amazon S3 UI, they can easily download decrypted files in the server-side encryption method. Also, Amazon S3 encryption comes with a cost.
Please help me in deciding this.
If you use server-side encryption then your data is protected by policies only. If you accidentally give access to someone (or someone steals your AWS access keys) then it does not matter if it is stored encrypted or not.
With client-side encryption you manage the key and without it nobody can access the contents of the files. If you mess up the policies, the keys protect your data.
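The difference described in the answer above, as an added example in Go that is not part of the original post: the application encrypts with AES-256-GCM before upload, so whoever can read the bucket gets only ciphertext. The in-memory map standing in for the S3 bucket, the object name, the sample content and the key handling are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newGCM builds AES-GCM from a key the application holds; 32 bytes selects AES-256.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal runs in the application before upload. The object name is bound as
// associated data, so a blob copied under another name fails to decrypt.
func seal(gcm cipher.AEAD, name string, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(name)), nil // nonce || ciphertext || tag
}

// open fails on a wrong key, a modified blob, or a renamed object.
func open(gcm cipher.AEAD, name string, blob []byte) ([]byte, error) {
	n := gcm.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	return gcm.Open(nil, blob[:n], blob[n:], []byte(name))
}

func main() {
	key := make([]byte, 32) // assumption: generated and kept outside AWS
	rand.Read(key)
	mine, _ := newGCM(key)
	other, _ := newGCM(make([]byte, 32)) // someone with bucket access but not the key
	name, bucket := "reports/q1.txt", map[string][]byte{} // constructed stand-in for S3
	bucket[name], _ = seal(mine, name, []byte("salary data"))
	_, noKey := open(other, name, bucket[name])
	pt, withKey := open(mine, name, bucket[name])
	fmt.Printf("wrong key: %v\nright key: %q %v\n", noKey, pt, withKey)
}
```

Losing the key means losing the data, so the key needs its own backup and rotation plan outside the bucket it protects.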