En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

S3 Presigned Get Object Request with encryption

0

Is it possible to generate a presigned URL to get an encrypted ( with customer provided key ) object in an S3 bucket ? If it were possible, would this this URL be usable in a browser ?

Sujets
Stockage
Balises
Simple service de stockage AmazonStockageURL pré-signéeChiffrement
Langue
English
rePost-User-6126995
demandé il y a 2 ans1769 vues
2 réponses
0

Simple answer, yes and no.

S3 pre-signed URL is just an S3 URL on behalf of the signing entity.

So if the signing entity has permission to read the encrypted S3 object, anyone with that pre-signed URL will have the same permission over that object within the valid time period.

However, because SSE-C requires specific HTTP headers, it may not be usable in a browser (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-and-presignedurl)

RichardFan
répondu il y a 2 ans
0

Hello, so your mean we must use something like axios to send request URL to s3 with specific HTTP headers right? But if use aws-sdk package do we need add headers too?

rePost-User-8207723
répondu il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents