In Mimic, how extensive is the S3 bucket policy support?

I'm trying to configure a bucket to require encryption using the following policy, but it doesn't appear to have any effect, I can still upload unencrypted objects. I tried different variations on the policy structure but nothing seems to have any effect and I don't see anything in the logs (debug_rgw = 5/5).  

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::testing/*",
            "Condition": {
                "StringNotEquals": {
                    "s3:x-amz-server-side-encryption": "aws:kms"
                }
            }
        }
    ]
}



Thanks,
   Wyllys Ingersoll