S3 Presigned Get Object Request with encryption
0
Is it possible to generate a presigned URL to get an encrypted ( with customer provided key ) object in an S3 bucket ? If it were possible, would this this URL be usable in a browser ?
asked 14 days ago21 views
1 Answers
0
Simple answer, yes and no.
S3 pre-signed URL is just an S3 URL on behalf of the signing entity.
So if the signing entity has permission to read the encrypted S3 object, anyone with that pre-signed URL will have the same permission over that object within the valid time period.
However, because SSE-C requires specific HTTP headers, it may not be usable in a browser (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-and-presignedurl)
answered 14 days ago
Relevant questions
Generate S3 Presigned URL with 7 Day Expiry via Lambda
Accepted Answerasked 2 years agoHow to determine if an object is encrypted with a "regular" S3-SSE KMS key, or an S3 Bucket Key with S3 Inventory?
Accepted Answerasked a year agoshowing search results with download links with presigned urls
asked 9 days agoS3 pre signed url with block public access on a bucket
Accepted Answerasked 2 years agoAWS S3 - Can We Presign an Entire Bucket?
asked 3 months agoHow To Invalidate A S3 Pre-Signed URL
Accepted Answerasked 4 years agoS3 presigned url access Denied
Accepted Answerasked 5 months agoS3 Presigned Get Object Request with encryption
asked 14 days agoGenerate presigned url for S3 Object Lambda
Accepted Answerasked a year agoHow to enable presigned S3 URL for different users?
asked 4 months ago