S3 Presigned Get Object Request with encryption

Simple answer, yes and no.

S3 pre-signed URL is just an S3 URL on behalf of the signing entity.

So if the signing entity has permission to read the encrypted S3 object, anyone with that pre-signed URL will have the same permission over that object within the valid time period.

However, because SSE-C requires specific HTTP headers, it may not be usable in a browser (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-and-presignedurl)

Hello, so your mean we must use something like axios to send request URL to s3 with specific HTTP headers right? But if use aws-sdk package do we need add headers too?