stackoom
  简体   繁体   中英

Error uploading S3 Object with Server Side Encryption using Amazon KMS

 原文  2015-03-26 17:49:45       java/ encryption/ amazon-web-services/ amazon-s3

Question

I am getting the following exception when trying to reproduce the sample code Amazon provides for uploading S3 objects to be server side encrypted using Amazon KMS (key management service): 

com.amazonaws.AmazonClientException: please use region-specific endpoint to access buckets located in regions that require V4 signing.
:: 
Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4. (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument;

The code used is: 

public void uploadServerSideEncryptedFileToS3( String bucketName , String key , String sourceFilePath , String masterKey ) {

    awsCredentials = new BasicAWSCredentials( awsAccessKey, awsSecretKey );
    PutObjectRequest putObjectRequest = new PutObjectRequest( bucketName,
                key , new File( sourceFilePath ) ).withSSEAwsKeyManagementParams( new SSEAwsKeyManagementParams( masterKey ) );

    ClientConfiguration clientConfiguration = new ClientConfiguration();
    clientConfiguration.setProtocol( Protocol.HTTPS );

    AmazonS3 connection = new AmazonS3Client( awsCredentials , clientConfiguration );
    connection.setRegion( com.amazonaws.regions.Region.getRegion( Regions.US_EAST_1 ) );
    PutObjectResult response = connection.putObject( putObjectRequest );
}

1 answers

solution1
 0  2016-06-02 01:22:28

Here is the code I used for S3 upload 

    @Test
public void testNoMetaData() {
    AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
    AmazonS3 amazonS3 = new AmazonS3Client(awsCredentials);
    amazonS3.setRegion(Region.getRegion(region));

    byte[] bytes = content.getBytes(StandardCharsets.UTF_8);
    ObjectMetadata metadata = new ObjectMetadata();
    metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm());
    InputStream inputStream = new ByteArrayInputStream(bytes);
    PutObjectRequest putObjectRequest = new PutObjectRequest(bucketName, key, inputStream, metadata);

    putObjectRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(awsKmsKeyId));
    amazonS3.putObject(putObjectRequest);
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question java : Use Server-Side Encryption in Amazon S3 using vfs s3 plugin Error while decrypting file using KMS key in Amazon S3 Uploading to an S3 bucket with Apache Camel how do I enable server side encryption with S3 managed keys? Create an S3 bucket with KMS encryption? Uploading an image to amazon s3 using retrofit Amazon S3 KMS Upload in Java SDK How do I set a request header(x-amz-server-side-encryption : aws:kms) while saving file to S3 in Java code? How to make sure your files are encrypted when using AWS S3 KMS encryption? Server-Side Encryption with Customer-Provided Encryption Keys (SSE-C) with using vfs s3 plugin Uploading stream to amazon s3
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM