What is S3 object etag in fips enabled AWS S3 endpoints, Are they MD5SUM?
The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object, not its metadata. The ETag may or may not be an MD5 digest of the object data. Whether or not it is depends on how the object was created and how it is encrypted as described below:
Objects created by the PUT Object, POST Object, or Copy operation, or through the AWS Management Console, and are encrypted by SSE-S3 or plaintext, have ETags that are an MD5 digest of their object data.
Objects created by the PUT Object, POST Object, or Copy operation, or through the AWS Management Console, and are encrypted by SSE-C or SSE-KMS, have ETags that are not an MD5 digest of their object data.
If an object is created by either the Multipart Upload or Part Copy operation, the ETag is not an MD5 digest, regardless of the method of encryption. If an object is larger than 16 MB, the AWS Management Console will upload or copy that object as a Multipart Upload, and therefore the ETag will not be an MD5 digest.
I hope this answers your question.
This is just description of etag from link, My question is in case of FIPS, MD5SUM algo is not allowed in openssl. FIPS dont let you use md5sum. it gives error "Error setting digest 139996545238848:error:060800C8:digital envelope routines:EVP_DigestInit_ex:disabled for FIPS:crypto/evp/digest.c:135:"
Now if md5sum is not allowed, How aws FIPS endpoint uses MD5SUM in FIPS enabled server/clients? Is that etag md5sum in fips enabled endpoints ?
S3 bucket replication with Object lock. "Contact support"asked 2 months ago
Is there a mechanism for automatically compressing objects loaded to S3?Accepted Answerasked 2 months ago
What is S3 object etag in fips enabled AWS S3 endpoints, Are they MD5SUM?asked a month ago
How to enable FIPS endpoint for govcloud AWS gateway (for lambda)?
Getting Amazon S3 object tags through CloudFront distribution URLAccepted Answerasked 2 years ago
S3 object lock on existing S3 objects?Accepted AnswerEXPERTasked 2 years ago
Why "make public" option on object is now removed?asked 4 months ago
How to enable FIPS endpoint on govcloud KMS?
Enabling SSE for Kinesis Firehoseasked 2 months ago
S3: Configure object lock with replication (CRR) on aws s3 bucketsasked a month ago