sagemaker-python-sdk icon indicating copy to clipboard operation
sagemaker-python-sdk copied to clipboard
verified publisher icon aws

Encrypting code artifact with SSE-S3 instead of SSE-KMS

Open Finesomtoe opened this issue 2 years ago • 3 comments

When the Framework processor uploads the code artifact (sourcedir.tar.gz) to S3, it encrypts the file using SSE-KMS. As an alternative, I would also like this file to be encrypted using the s3 managed encryption SSE-S3. Is there a way to adapt the framework processor to also use SSE-S3 encryption?

Finesomtoe avatar Dec 21 '23 15:12 Finesomtoe

@knikure any news on this?

niklas-palm avatar Sep 18 '24 08:09 niklas-palm

This is also an issue for us. We have a bucket that is SSE-S3 encrypted und has a replication config that should move the files generated by sagemaker to another account. SSE-KMS encrypted objects are not replicated by default and we would need to create our own KMS key and do the IAM stuff for everything that is working with the files. This is a big overhead especially in a cross-account replication scenario

christianplatta1012 avatar Oct 16 '24 09:10 christianplatta1012

we have this problem with the ProcessingOutput part in a ProcessingStep

christianplatta1012 avatar Oct 16 '24 09:10 christianplatta1012