Lepozepo / S3

A simple helper for easily uploading files to Amazon S3 from Meteor. This package will also make Knox available server-side.
MIT License

Server-Side Encryption (SSE) #130

Closed tscizzle closed 7 years ago

tscizzle commented 8 years ago

Is there a way to enable server-side encryption for requests from this Meteor package?

S3 allows server-side encryption to be applied when creating S3 objects (http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html), but the request to create the object has to explicitly say that the object should be encrypted. (I.e., you can't just make a bucket policy such that all new objects are automatically encrypted. The best you can do is a bucket policy which rejects requests that don't specify for encryption to be used.)

With Python's boto, for example, you can say encrypt_key=True when calling set_contents_from_string.

(Using the REST API, the relevant header is x-amz-server-side-encryption being set to AES256 (http://docs.aws.amazon.com/AmazonS3/latest/dev/SSEUsingRESTAPI.html))

Lepozepo commented 8 years ago

Hey! I don't think there's a way to do that with my package yet. I didn't plan to build that into it. I have to update this and cloudinary real soon, I'll try to make that happen :D PRs are always handy though if you have the time.

tscizzle commented 8 years ago

Great! Thanks for the prompt response, and I will potentially submit a PR.

tscizzle commented 8 years ago

This line in the uploadFile function seems to have explicitly avoided the encryption argument https://github.com/Lepozepo/S3/blob/master/client/functions.coffee#L147 (# form_data.append "x-amz-server-side-encryption", "AES256" is there, but commented out).

Is there a reason server-side encryption was acknowledged, and chosen to be commented out?

If not, is the necessary change to add an option 'server_side_encryption' whose value is a Boolean, and if it's true, run the line currently commented out?

harrisonhunter commented 7 years ago

Hey, wondering if you got an answer / figured out the server-side encryption. Does it work with that line commented back in, or was there a reason for its removal? Also need to use SSE.
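The following is an added example, not code from this package or from anyone in the thread. It assumes the upload is a browser-based S3 POST with a signed policy document, where S3 requires every form field (apart from a few exempt ones) to be covered by a policy condition, so an SSE option has to change both the policy and the form. The function names, the `sse` option and the sample values are hypothetical.

```javascript
// Added example: hypothetical helpers, constructed sample values.
// Form fields S3 exempts from the "must appear in the policy conditions" rule.
const EXEMPT = new Set(["awsaccesskeyid", "signature", "x-amz-signature", "file", "policy"]);
const SSE_FIELD = "x-amz-server-side-encryption";

// Unsigned POST policy document; `sse` is the Boolean option proposed in the thread.
function buildPostPolicy({ bucket, key, expiration, sse }) {
  const conditions = [{ bucket }, ["eq", "$key", key]];
  if (sse) conditions.push({ [SSE_FIELD]: "AES256" });
  return { expiration, conditions };
}

// Form fields the client would append (file, policy and signature omitted here).
function buildFormFields({ key, sse }) {
  const fields = { key };
  if (sse) fields[SSE_FIELD] = "AES256";
  return fields;
}

// Return a list of form fields the policy does not cover or does not match.
function checkFields(fields, policy) {
  const rules = new Map();
  for (const c of policy.conditions) {
    if (Array.isArray(c)) {
      const [op, ref, value] = c; // e.g. ["eq", "$key", "uploads/a.txt"]
      if (typeof ref === "string" && ref.startsWith("$")) {
        rules.set(ref.slice(1).toLowerCase(), { op, value });
      }
    } else {
      for (const [name, value] of Object.entries(c)) {
        rules.set(name.toLowerCase(), { op: "eq", value });
      }
    }
  }
  const problems = [];
  for (const [name, value] of Object.entries(fields)) {
    const n = name.toLowerCase();
    if (EXEMPT.has(n) || n.startsWith("x-ignore-")) continue;
    const rule = rules.get(n);
    if (!rule) problems.push(`${name}: not covered by policy`);
    else if (rule.op === "eq" && rule.value !== value) problems.push(`${name}: value mismatch`);
    else if (rule.op === "starts-with" && !String(value).startsWith(rule.value)) {
      problems.push(`${name}: prefix mismatch`);
    }
  }
  return problems;
}
```

Running `checkFields` on a form built with `sse: true` against a policy built with `sse: false` reports the SSE field as uncovered, which is the state the form would be in if only the client-side line were uncommented.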