Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

S3 Presigned Get Object Request with encryption

0

Is it possible to generate a presigned URL to get an encrypted ( with customer provided key ) object in an S3 bucket ? If it were possible, would this this URL be usable in a browser ?

Argomenti
Archiviazione
Tag
Servizio di archiviazione semplice di AmazonArchiviazioneURL pre-firmatoCrittografia
Lingua
English
rePost-User-6126995
posta 2 anni fa1769 visualizzazioni
2 Risposte
0

Simple answer, yes and no.

S3 pre-signed URL is just an S3 URL on behalf of the signing entity.

So if the signing entity has permission to read the encrypted S3 object, anyone with that pre-signed URL will have the same permission over that object within the valid time period.

However, because SSE-C requires specific HTTP headers, it may not be usable in a browser (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-and-presignedurl)

RichardFan
con risposta 2 anni fa
0

Hello, so your mean we must use something like axios to send request URL to s3 with specific HTTP headers right? But if use aws-sdk package do we need add headers too?

rePost-User-8207723
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente