-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not include sse configuration of source object in that of the destination object #3016
Conversation
When copying objects using `Aws::S3::Object.copy_to(..., multipart_copy: true)`, the `ObjectMultipartCopier` was inferring the metadata of the destination object from that of the source object. This is fine for `content_type`, `content_length`, etc.; however, the `ssekms_key_id` and `server_side_encryption` attributes were also copied. This causes the destination object to use the kms key of the source, which is not usually appropriate if the destination bucket has a different default encryption than the source. This is especially true when copying from one account to the other.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for submitting this! The logic looks good - can you add a test case for this?
Sure thing! |
@alextwoods added |
@@ -257,8 +257,7 @@ module S3 | |||
allow(client).to receive(:head_object).with({ | |||
bucket: 'source-bucket', | |||
key: 'source key' | |||
}).and_return(Types::HeadObjectOutput.new( | |||
content_length: size, content_type: 'ContentType')) | |||
}).and_return(Types::HeadObjectOutput.new(content_length: size, content_type: 'ContentType')) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yuck.. I'm not sure why this is here. Do you mind changing all of these to stub_data?
@mullermp gladly |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contribution (and clean up :D)
Sure thing! Thanks for the merge. |
When copying objects using
Aws::S3::Object.copy_to(..., multipart_copy: true)
, theObjectMultipartCopier
was inferring the metadata of the destination object from that of the source object. This is fine forcontent_type
,content_length
, etc.; however, thessekms_key_id
andserver_side_encryption
attributes were also copied. This causes the destination object to use the kms key of the source, which is not usually appropriate if the destination bucket has a different default encryption than the source. This is especially true when copying from one account to the other. This change is in line with the behavior ofAws::S3::Client.copy_object
which does not copy the source object encryption.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.