Stuck on a compliance audit failure for our 15 BYOC trunks in Asia/Singapore.
The security team flagged missing encryption headers in the archived call recordings.
Specifically, the S3 bucket policy rejects objects lacking the x-amz-server-side-encryption tag.
Our Architect flow uses the standard Record Interaction block.
The SDK v2.1.4 logs show the upload succeeds, but the metadata seems stripped during the handoff.
Is there a specific header injection required for BYOC endpoints to satisfy PCI DSS 4.1?