Skip to content

S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3 #1868

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 task
jdbevan opened this issue Jun 1, 2020 · 3 comments
Open
1 task

S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3 #1868

jdbevan opened this issue Jun 1, 2020 · 3 comments
Labels
service:s3 service-api This issue is due to a problem in a service API, not the SDK implementation.

Comments

@jdbevan
Copy link

jdbevan commented Jun 1, 2020
edited
Loading

It's not currently possible to enable SSE-S3 as part of an S3CopyObjectOperation. There only appears to be support for SSE-KMS via the .sseAwsKmsKeyId() method on the builder.

Describe the Feature

Add the ability to specify SSE-S3 as part of an S3CopyObjectOperation.

Is your Feature Request related to a problem?

I want to programmatically encrypt all existing objects within a bucket and remove unencrypted versions of the objects, before enabling default encryption on the bucket and applying an "encryption only" policy, to ensure that nothing in the bucket is not encrypted at rest.

Proposed Solution

Provide a new .enableSSES3() method on the builder.

Describe alternatives you've considered

One-by-one copy of the latest version of each object.

Additional Context

I'm currently using v1 of the SDK and hit this problem aws/aws-sdk-java#1301 so tried out v2 of the SDK which still didn't solve my problem.

  • I may be able to implement this feature request

Your Environment

  • AWS Java SDK version used: 2.13.26
  • JDK version used: 1.8.0_252
  • Operating System and version: macOS 10.15.5
@jdbevan jdbevan added feature-request A feature should be added or improved. needs-triage This issue or PR still needs to be triaged. labels Jun 1, 2020
@debora-ito
Copy link
Member

@jdbevan this is a feature request to the S3 API team, I will forward to them internally.

@debora-ito debora-ito added service-api This issue is due to a problem in a service API, not the SDK implementation. and removed needs-triage This issue or PR still needs to be triaged. labels Jun 6, 2020
@debora-ito
Copy link
Member

@jdbevan is there any particular reason why you're using S3CopyObjectOperation instead of CopyObjectRequest? CopyObjectRequest supports AES256 as server-side encryption in V2.

@jdbevan
Copy link
Author

jdbevan commented Jun 18, 2020

I was trying to do a bulk operation and as far as I could see, the S3CopyObjectOperation was the mechanism for specifying what should happen during the bulk copy. Did I miss something?

@millems millems removed the feature-request A feature should be added or improved. label Jul 21, 2021
aws-sdk-java-automation added a commit that referenced this issue Dec 8, 2021
@aws-sdk-java-automation
Merge pull request #1868 from aws/staging/36e9a52b-31af-4ec2-ae1e-2d3…
ab373f0 
…fbfb2200f

Pull request: release <- staging/36e9a52b-31af-4ec2-ae1e-2d3fbfb2200f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service:s3 service-api This issue is due to a problem in a service API, not the SDK implementation.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@debora-ito @jdbevan @millems