how to get encrypted file (KMS Server side) from AWS using java
Question
This code below works when the file is not encrypted (plain text) server side. I'm trying to download another file from the same bucket, but this file is encrypted via KMS.
I've tried SSECustomerKey and added .withSSECustomerKey(myKey), but no luck.. Any ideas on how to modify this code, or could point me in the right direction?
AmazonS3 s3bucket = AmazonS3ClientBuilder.standard().withRegion("us-east-2").build();
S3Object download = s3bucket.getObject("mybucket-bucket", "secretfile2.txt");
try
{
download = IOUtils.toString(download.getObjectContent());
}
catch (IOException e1)
{
e1.printStackTrace();
}
2 answers
solution1
1 2017-09-26 08:02:04
You first create a key object:
SSECustomerKey sseKey = new SSECustomerKey(secretKey);
Then you create a request with that key:
GetObjectRequest getObjectRequest = new GetObjectRequest(bucketName, keyName).withSSECustomerKey(sseKey);
Then you retrieve the object:
s3client = new AmazonS3Client(...);
S3Object s3Object = s3client.getObject(getObjectRequest);
solution2
1 2017-12-15 13:09:31
If it is still an issue... I've encountered the same issue and figured out that you shouldn't pass any keys when you download a file, ie
GetObjectRequest getObjectRequest = new GetObjectRequest(bucketName, keyName)
s3client.getObject(getObjectRequest)
Due to you used server-side encryption AWS will automatically decrypt a file before sending.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.