The new Amazon S3 condition key enables you to write policies that help you control the use of server-side encryption with customer-provided keys (SSE-C). Using Amazon S3 condition keys, you can specify conditions when granting permissions in the optional ‘Condition’ element of a bucket or an IAM policy. One such condition is to require server-side encryption (SSE) using your preferred encryption method.