debora-ito
commented
4 years ago @jdbevan this is a feature request to the S3 API team, I will forward to them internally.
Open jdbevan opened 4 years ago
debora-ito
commented
4 years ago @jdbevan this is a feature request to the S3 API team, I will forward to them internally.
debora-ito
commented
4 years ago @jdbevan is there any particular reason why you're using S3CopyObjectOperation instead of CopyObjectRequest? CopyObjectRequest supports AES256 as server-side encryption in V2.
jdbevan
commented
4 years ago I was trying to do a bulk operation and as far as I could see, the S3CopyObjectOperation was the mechanism for specifying what should happen during the bulk copy. Did I miss something?
It's not currently possible to enable SSE-S3 as part of an S3CopyObjectOperation. There only appears to be support for SSE-KMS via the
.sseAwsKmsKeyId()method on the builder.Describe the Feature
Add the ability to specify SSE-S3 as part of an S3CopyObjectOperation.
Is your Feature Request related to a problem?
I want to programmatically encrypt all existing objects within a bucket and remove unencrypted versions of the objects, before enabling default encryption on the bucket and applying an "encryption only" policy, to ensure that nothing in the bucket is not encrypted at rest.
Proposed Solution
Provide a new
.enableSSES3()method on the builder.Describe alternatives you've considered
One-by-one copy of the latest version of each object.
Additional Context
I'm currently using v1 of the SDK and hit this problem https://github.com/aws/aws-sdk-java/issues/1301 so tried out v2 of the SDK which still didn't solve my problem.
Your Environment