How to enable Server-side Encryption with IAM Role support for Amazon S3

To enable Server-side Encryption support in UAT, the following steps must be followed:

  1. Include the following directive in global.properties
    jcc.jvm_options = -DIAM_CREDENTIAL_FOR_S3=TRUE
    Note : JCC must be restarted if properties file is updated

  2. In Designer or Manager, create a new S3 Account as follows :

           a) Leave Access-key ID and Secret key properties blank
           b) Enable the Server-side encryption checkbox
           c) Enable the IAM role checkbox
    

3 Bind the account created in Step 2 to all applicable Snaps writing to S3.

NOTE: This will only work if the IAM role assigned to the JCC is assigned the correct role at the time it was provisioned. We do not support referencing IAM roles otherwise. If server-side encryption is not required, an account is not necessary.