Configuring an Amazon S3 Bucket

Enter your Bucket name, then the Access ID and secret key.

Amazon S3 server settings

Finally, if you want to upload your files to a different folder from your Bucket's root directory, enter the directory in the Path Prefix.

S3 Request Headers

Within the S3 Request Headers section, you can configure specific metadata to send along with files matching a given pattern.

You may, for example, wish to send a Cache-Control header for all files, or a Content-Disposition header for all files of a certain type or even in a certain directory, to force them to be downloaded rather than rendered inline in the end-user's browser.

Add as many files as you like within this section, starting with the Header Key and Header Value, followed by a pattern.

S3 headers

S3 server-side encryption

As of January 5, 2023, all new object uploads to Amazon S3 are automatically encrypted with SSE-S3 (Amazon S3 managed keys) at no additional cost. This means your files are automatically encrypted when deployed to S3 buckets without requiring any additional configuration.

However, depending on your business requirements, you might need to use a specific encryption method or comply with particular bucket policies. In these cases, you can add the x-amz-server-side-encryption header to your DeployHQ configuration:

  • For SSE-S3 (default): x-amz-server-side-encryption: AES256
  • For SSE-KMS: x-amz-server-side-encryption: aws:kms
  • For SSE-C: Use x-amz-server-side-encryption: AES256 with additional customer-provided key headers

More information on S3 encryption options can be found here.