Put Operations on Encrypted S3 Buckets

Any put operation on an encrypted S3 bucket will fail unless you specify options related to Server Side Encryption. Unfortunately, omitting these options does not result in a message pointing you to the cause of your failure. If you receive denial of access errors, and have already ruled out IAM permissions as the culprit, check out the SSE options.

Here is some helpful documentation for the CLI and Boto3: