AWS ivs documentation change
Summary
Added mandatory SSE-S3 encryption requirement for S3 buckets used in IVS recordings
Security assessment
Enforces encryption-at-rest for recordings, improving data protection posture without referencing a specific security incident.
Diff
diff --git a/ivs/latest/RealTimeUserGuide/rt-individual-participant-recording.md b/ivs/latest/RealTimeUserGuide/rt-individual-participant-recording.md index 0ba576418..4b1451fa4 100644 --- a//ivs/latest/RealTimeUserGuide/rt-individual-participant-recording.md +++ b//ivs/latest/RealTimeUserGuide/rt-individual-participant-recording.md @@ -29 +29,10 @@ You will need an S3 bucket to write VODs. For details, see the S3 documentation -**Important** : If you use an existing S3 bucket, the **Object Ownership** setting must be **Bucket owner enforced** or **Bucket owner preferred**. For details, see the S3 documentation on [controlling ownership of objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html). +**Important** : If you use an existing S3 bucket: + + * The **Object Ownership** setting must be **Bucket owner enforced** or **Bucket owner preferred**. + + * The **Default Encryption** setting must be **Server-side encryption with Amazon S3 managed keys (SSE-S3)**. + + + + +For details, see the S3 documentation on [controlling ownership of objects](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) and [protecting data with encryption](https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingEncryption.html).