Add the option to enable AES-256 encryption for objects uploaded by `record_set`.

[nickolasjwilson]

System Information

• Framework (e.g. TensorFlow) / Algorithm (e.g. KMeans): N/A
• Framework Version: N/A
• Python Version: 3.6
• CPU or GPU: N/A
• Python SDK Version: 1.18.13
• Are you using a custom image: N/A

Describe the problem

The method AmazonAlgorithmEstimatorBase.record_set uploads objects to an S3 bucket without encrypting them. It should be possible to enable server-side AES-256 encryption for all the objects uploaded by a call to record_set. One approach is to modify at least two lines (in the function upload_numpy_to_s3_shards):

• 263
• 268

Passing the argument {'ServerSideEncryption': 'AES256'} to the method put on each of those lines accomplishes the desired results.

Not every SageMaker user wants server-side encryption enabled, but enabling the encryption should be an option.

[chuyang-deng]

Hi @nickolasjwilson, thank you for using SageMaker! Your request looks like a small change, I'll mark it as contributions welcome and you can submit a Pull Request. We will review your change then.

[nickolasjwilson]

Thanks for the invitation to submit a pull request. I've constructed a patch. Because I've constructed and tested my patch on my employer's hardware and AWS account, my patch must pass through my employer's internal approval process. If and when my patch is approved, I will submit it as a pull request.

[nickolasjwilson]

Resolved by Pull Request #794.

[haratyma]

Hi what about other encryption types? I have applied aws:kms and it causes an error even encrypt set True as it only takes into account AES-256....