AWS Security ChangesHomeSearch

AWS AmazonS3 high security documentation change

Service: AmazonS3 · 2025-11-22 · Security-related high

File: AmazonS3/latest/userguide/security.md

Summary

Added SSE-C deprecation warning to security documentation

Security assessment

Reinforces critical encryption policy changes in security context, requiring proactive configuration updates to maintain data protection.

Diff

diff --git a/AmazonS3/latest/userguide/security.md b/AmazonS3/latest/userguide/security.md
index ed4e7753c..cd0b10f58 100644
--- a//AmazonS3/latest/userguide/security.md
+++ b//AmazonS3/latest/userguide/security.md
@@ -6,0 +7,4 @@
+###### Important
+
+Starting in April 2026, AWS will disable server-side encryption with customer-provided keys (SSE-C) for all new buckets. In addition, SSE-C encryption will be disabled for all existing buckets in AWS accounts that do not have any SSE-C encrypted data. With these changes, the few applications that need SSE-C encryption must deliberately enable the use SSE-C via the [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) API after creating the bucket. In these cases, you might need to update automation scripts, CloudFormation templates, or other infrastructure configuration tools to configure these settings. For more information, see the [AWS Storage Blog post](https://aws.amazon.com/blogs/storage/advanced-notice-amazon-s3-to-disable-the-use-of-sse-c-encryption-by-default-for-all-new-buckets-and-select-existing-buckets-in-april-2026/).
+