In terms of server-side encryption, Heap currently supports only the Amazon S3-managed keys (SSE-S3) encryption key type. Buckets using the AWS Key Management Service key (SSE-KMS) encryption key type are not currently supported.
No additional user/role in S3 is required.
For instructions on how to edit your bucket’s default encryption, please see AWS’ documentation.
This information is specific to Heap’s integration with Amazon S3. To learn more, see our guide S3 Integration.