Encrypting code artifact with SSE-S3 instead of SSE-KMS

[Finesomtoe]

When the Framework processor uploads the code artifact (sourcedir.tar.gz) to S3, it encrypts the file using SSE-KMS.
As an alternative, I would also like this file to be encrypted using the s3 managed encryption SSE-S3. Is there a way to adapt the framework processor to also use SSE-S3 encryption?

[niklas-palm]

@knikure any news on this?

[christianplatta1012]

This is also an issue for us. We have a bucket that is SSE-S3 encrypted und has a replication config that should move the files generated by sagemaker to another account. SSE-KMS encrypted objects are not replicated by default and we would need to create our own KMS key and do the IAM stuff for everything that is working with the files. This is a big overhead especially in a cross-account replication scenario

[christianplatta1012]

we have this problem with the ProcessingOutput part in a ProcessingStep