From b4edc1668a1aab7e0829ca808470ef3a1b93648c Mon Sep 17 00:00:00 2001 From: Daniel Fuentes Date: Thu, 2 Aug 2018 14:10:41 -0700 Subject: [PATCH] update readme to remove default bucket --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5ba8c424..4dfc4005 100644 --- a/README.md +++ b/README.md @@ -200,7 +200,7 @@ If you'd like to use a different region for chamber without changing `AWS_REGION By default, chamber store secrets in AWS Parameter Store. We now also provide an experimental S3 backend for storing secrets in S3 instead. -To configure chamber to use the S3 backend, set `CHAMBER_SECRET_BACKEND` to `S3`, and `CHAMBER_S3_BUCKET` to an existing S3 bucket (by default, chamber will attempt to use a bucket named `chamber-secrets`). +To configure chamber to use the S3 backend, set `CHAMBER_SECRET_BACKEND` to `S3`, and `CHAMBER_S3_BUCKET` to an existing S3 bucket. Preferably, this bucket should reject uploads that do not set the server side encryption header ([see this doc for details how](https://aws.amazon.com/blogs/security/how-to-prevent-uploads-of-unencrypted-objects-to-amazon-s3/)) This feature is experimental, and not currently meant for production work.