Skip to content

S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3 #1868

New issue
New issue
Open
Open
S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3#1868
Labels
service-apiThis issue is due to a problem in a service API, not the SDK implementation.service:s3
@jdbevan

Description

@jdbevan
jdbevan
opened on Jun 1, 2020 · edited by jdbevan

It's not currently possible to enable SSE-S3 as part of an S3CopyObjectOperation. There only appears to be support for SSE-KMS via the .sseAwsKmsKeyId() method on the builder.

Describe the Feature

Add the ability to specify SSE-S3 as part of an S3CopyObjectOperation.

Is your Feature Request related to a problem?

I want to programmatically encrypt all existing objects within a bucket and remove unencrypted versions of the objects, before enabling default encryption on the bucket and applying an "encryption only" policy, to ensure that nothing in the bucket is not encrypted at rest.

Proposed Solution

Provide a new .enableSSES3() method on the builder.

Describe alternatives you've considered

One-by-one copy of the latest version of each object.

Additional Context

I'm currently using v1 of the SDK and hit this problem aws/aws-sdk-java#1301 so tried out v2 of the SDK which still didn't solve my problem.

  • I may be able to implement this feature request

Your Environment

  • AWS Java SDK version used: 2.13.26
  • JDK version used: 1.8.0_252
  • Operating System and version: macOS 10.15.5

Activity

jdbevan
added
feature-requestA feature should be added or improved.
needs-triageThis issue or PR still needs to be triaged.
on Jun 1, 2020
debora-ito

debora-ito commented on Jun 6, 2020

@debora-ito
debora-ito
on Jun 6, 2020
Member

@jdbevan this is a feature request to the S3 API team, I will forward to them internally.

debora-ito
added
service-apiThis issue is due to a problem in a service API, not the SDK implementation.
and removed
needs-triageThis issue or PR still needs to be triaged.
on Jun 6, 2020
debora-ito

debora-ito commented on Jun 16, 2020

@debora-ito
debora-ito
on Jun 16, 2020
Member

@jdbevan is there any particular reason why you're using S3CopyObjectOperation instead of CopyObjectRequest? CopyObjectRequest supports AES256 as server-side encryption in V2.

jdbevan

jdbevan commented on Jun 18, 2020

@jdbevan
jdbevan
on Jun 18, 2020
Author

I was trying to do a bulk operation and as far as I could see, the S3CopyObjectOperation was the mechanism for specifying what should happen during the bulk copy. Did I miss something?

millems
removed
feature-requestA feature should be added or improved.
on Jul 21, 2021
aws-sdk-java-automation
added a commit that references this issue on Dec 8, 2021

Merge pull request #1868 from aws/staging/36e9a52b-31af-4ec2-ae1e-2d3…

ab373f0
debora-ito
added
service:s3
on Sep 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    service-apiThis issue is due to a problem in a service API, not the SDK implementation.service:s3

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @debora-ito@jdbevan@millems

        Issue actions
          S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3 · Issue #1868 · aws/aws-sdk-java-v2