By using AWS re:Post, you agree to the Terms of Use
/S3 Presigned Get Object Request with encryption/

S3 Presigned Get Object Request with encryption

0

Is it possible to generate a presigned URL to get an encrypted ( with customer provided key ) object in an S3 bucket ? If it were possible, would this this URL be usable in a browser ?

1 Answers
0

Simple answer, yes and no.

S3 pre-signed URL is just an S3 URL on behalf of the signing entity.

So if the signing entity has permission to read the encrypted S3 object, anyone with that pre-signed URL will have the same permission over that object within the valid time period.

However, because SSE-C requires specific HTTP headers, it may not be usable in a browser (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-and-presignedurl)

answered 14 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions