[英]boto3 Client Error: Server Side Encryption with Customer provided key is incompatible with the encryption method specified
I'm using boto3 with my django application to upload some files to S3. 我在我的Django应用程序中使用boto3将一些文件上传到S3。 But I receive the following error when I try to specify the client side encryption algorithm and and keys using boto3's Object's API .
但是,当我尝试使用boto3的Object's API指定客户端加密算法和密钥时,收到以下错误消息 。
An error occurred (InvalidArgument) when calling the PutObject operation: Server Side Encryption with Customer provided key is incompatible with the encryption method specified.
调用PutObject操作时发生错误(InvalidArgument):使用客户提供的密钥进行的服务器端加密与指定的加密方法不兼容。
Here is my code for specifying Encryption algorithm and keys. 这是我用于指定加密算法和密钥的代码。
import boto3
s3 = boto3.resource('s3')
key = s3.Object(bucket_name, key_name)
file_obj.seek(0)
kwargs = {
'ServerSideEncryption': 'AES256',
'SSECustomerAlgorithm': 'AES256',
'SSECustomerKey': settings.AWS_ENCRYPTION_KEY,
}
key.put(**kwargs)
key.put(Body=file_obj)
key.Acl().put(ACL='public-read')
And here is how I generate the encryption key in settings.py 这就是我在settings.py中生成加密密钥的方法
# settings.py
password = '32characterslongpassphraseneeded'.encode('utf-8')
AWS_ENCRYPTION_KEY = base64.b64encode(password)
I'm using python3. 我正在使用python3。
After posting an issue on boto3 library I finally got a working example. 在boto3库上发布问题后,我终于有了一个可行的示例。 Here is how it should be done.
这是应该如何做。
import boto3
import os
BUCKET = 'YOUR-BUCKET'
KEY = os.urandom(32)
s3 = boto3.client('s3')
print("Put object...")
s3.put_object(Bucket=BUCKET,
Key='path_of_object_in_bucket', Body=b'foobar',
SSECustomerKey=KEY,
SSECustomerAlgorithm='AES256')
print("Done")
# Make sure to save the KEY!
# Getting the object:
print("Getting object...")
response = s3.get_object(Bucket=BUCKET,
Key='path_of_object_in_bucket',
SSECustomerKey=KEY,
SSECustomerAlgorithm='AES256')
print("Done, response body:")
print(response['Body'].read())
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.