There are plenty of amazing things that you can configure and try on S3 besides the steps we have covered in this chapter. For example, you can leverage the encryption functionality provided by S3 to encrypt data in transit as well as at rest. Amazon S3 supports two types of encryption technique especially for this purpose: client-side encryption and server-side encryption.

Client-side encryption comes in really handy when you as an end user want to manage the encryption process, the encryption keys, tools, and so on. Generally, this encryption process is performed on the object before it gets uploaded to S3. You can also protect your data in transit using client-side encryption facilities such as SSL. Server-side encryption is where Amazon S3 encrypts and decrypts your data for you before it is stored within its data centers. Server-side encryption can be leveraged along with AWS Key Management Service (KMS) as well as with Amazon S3 managed keys. You can read about...