A system admin is planning to encrypt all objects being uploaded to S3 from an application. The
system admin does not want to implement his own encryption algorithm; instead he is planning to
use server side encryption by supplying his own key (SSE-C.. Which parameter is not required
while making a call for SSE-C?

A.
x-amz-server-side-encryption-customer-key-AES-256

B.
x-amz-server-side-encryption-customer-key

C.
x-amz-server-side-encryption-customer-algorithm

D.
x-amz-server-side-encryption-customer-key-MD5

Explanation:
AWS S3 supports client side or server side encryption to encrypt all data at rest. The server side
encryption can either have the S3 supplied AES-256 encryption key or the user can send the key
along with each API call to supply his own encryption key (SSE-C.. When the user is supplying his
own encryption key, the user has to send the below mentioned parameters as a part of the API
calls:
x-amz-server-side-encryption-customer-algorithm: Specifies the encryption algorithm
x-amz-server-side-encryption-customer-key: To provide the base64-encoded encryption key
x-amz-server-side-encryption-customer-key-MD5: To provide the base64-encoded 128-bit MD5
digest of the encryption key