You can set server-side encryption for a bucket in the COS Console, so that new objects uploaded to the bucket can be encrypted by default. For more information on bucket encryption, please see Bucket Encryption Overview.
Currently, the supported bucket encryption method is SSE-COS encryption (i.e., server-side encryption using COS-managed encryption keys). For more information on server-side encryption, please see Server-side Encryption Overview.
You can configure bucket encryption when creating a bucket, as shown below:
If you do not set encryption when creating a bucket, you can follow the steps below to set configuration subsequently.