@Override public PutObjectRequest decorate(PutObjectRequest request) { return request.withSSEAwsKeyManagementParams( keyId == null ? new SSEAwsKeyManagementParams() : new SSEAwsKeyManagementParams(keyId) ); }
@Override public CopyObjectRequest decorate(CopyObjectRequest request) { return request.withSSEAwsKeyManagementParams( keyId == null ? new SSEAwsKeyManagementParams() : new SSEAwsKeyManagementParams(keyId) ); } }
private void enableKmsEncryption(PutObjectRequest uploadRequest) { String keyId = mConfig.getAwsSseKmsKey(); if (!keyId.isEmpty()) { uploadRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(keyId)); } else { uploadRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams()); } }
case KMS: if (sseKmsKeyId != null) { request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(sseKmsKeyId)); request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams());
putObjectRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(uploadMetadata.getEncryptionKey().get()));
.setSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(upload.sseKMSKey));
@Override public PutObjectRequest decorate(PutObjectRequest request) { return request.withSSEAwsKeyManagementParams( keyId == null ? new SSEAwsKeyManagementParams() : new SSEAwsKeyManagementParams(keyId) ); }
@Override public CopyObjectRequest decorate(CopyObjectRequest request) { return request.withSSEAwsKeyManagementParams( keyId == null ? new SSEAwsKeyManagementParams() : new SSEAwsKeyManagementParams(keyId) ); } }
@Override public SSEAwsKeyManagementParams deserialize(JsonParser parser, DeserializationContext context) throws IOException { Map<String, String> asMap = parser.readValueAs(new TypeReference<Map<String, String>>() {}); final String awsKmsKeyId = asMap.getOrDefault("awsKmsKeyId", null); return new SSEAwsKeyManagementParams(awsKmsKeyId); } }
/** * Create the AWS SDK structure used to configure SSE, based on the * configuration. * @return an instance of the class, which main contain the encryption key */ @Retries.OnceExceptionsSwallowed private SSEAwsKeyManagementParams generateSSEAwsKeyParams() { //Use specified key, otherwise default to default master aws/s3 key by AWS SSEAwsKeyManagementParams sseAwsKeyManagementParams = new SSEAwsKeyManagementParams(); String encryptionKey = getServerSideEncryptionKey(bucket, getConf()); if (isNotBlank(encryptionKey)) { sseAwsKeyManagementParams = new SSEAwsKeyManagementParams(encryptionKey); } return sseAwsKeyManagementParams; }
private static SSEAwsKeyManagementParams toSSEAwsKeyManagementParams(final EncryptionKey encryptionKey) { if (encryptionKey != null && encryptionKey.getId() != null && EncryptionKeyType.KMS.toString().equals(encryptionKey.getType())) { return new SSEAwsKeyManagementParams(encryptionKey.getId()); } return new SSEAwsKeyManagementParams(); }
private PutObjectResult upload(File file) { getLog().info("Uploading " + functionCode + " to AWS S3 bucket " + s3Bucket); PutObjectRequest putObjectRequest = new PutObjectRequest(s3Bucket, fileName, file); if (sse) { if (sseKmsEncryptionKeyArn != null && sseKmsEncryptionKeyArn.length() > 0) { putObjectRequest.setSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(sseKmsEncryptionKeyArn)); } else { ObjectMetadata objectMetadata = new ObjectMetadata(); objectMetadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION); putObjectRequest.setMetadata(objectMetadata); } } PutObjectResult putObjectResult = s3Client.putObject(putObjectRequest); getLog().info("Upload complete..."); return putObjectResult; }
private void putObjectWithKmsSupport(String bucketName, String key, File file, String kmsKeyId, AmazonS3 s3) { s3.putObject(new PutObjectRequest(bucketName, key, file) .withMetadata(getObjectMetadata()) .withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(kmsKeyId))); } }
SSEAwsKeyManagementParams keyManagementParams; if (ObjectHelper.isNotEmpty(getConfiguration().getAwsKMSKeyId())) { keyManagementParams = new SSEAwsKeyManagementParams(getConfiguration().getAwsKMSKeyId()); } else { keyManagementParams = new SSEAwsKeyManagementParams();
case KMS: if (sseKmsKeyId != null) { request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(sseKmsKeyId)); request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams());
final SSEAwsKeyManagementParams sseAwsKeyManagementParams = new SSEAwsKeyManagementParams(RemoteListUploader.this.kmsId); meta.setSSEAlgorithm(sseAwsKeyManagementParams.getAwsKmsKeyId()); meta.setHeader(
@Override public Transfer performTransfer(TransferManager transferManager) { // Create a copy request. CopyObjectRequest copyObjectRequest = new CopyObjectRequest(params.getSourceBucketName(), params.getSourceObjectKey(), params.getTargetBucketName(), params.getTargetObjectKey()); // If KMS Key ID is specified, set the AWS Key Management System parameters to be used to encrypt the object. if (StringUtils.isNotBlank(params.getKmsKeyId())) { copyObjectRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(params.getKmsKeyId())); } // Otherwise, specify the server-side encryption algorithm for encrypting the object using AWS-managed keys. else { ObjectMetadata metadata = new ObjectMetadata(); metadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION); copyObjectRequest.setNewObjectMetadata(metadata); } return s3Operations.copyFile(copyObjectRequest, transferManager); } });
@Override public Transfer performTransfer(TransferManager transferManager) { // Create a copy request. CopyObjectRequest copyObjectRequest = new CopyObjectRequest(params.getSourceBucketName(), params.getSourceObjectKey(), params.getTargetBucketName(), params.getTargetObjectKey()); // If KMS Key ID is specified, set the AWS Key Management System parameters to be used to encrypt the object. if (StringUtils.isNotBlank(params.getKmsKeyId())) { copyObjectRequest.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(params.getKmsKeyId())); } // Otherwise, specify the server-side encryption algorithm for encrypting the object using AWS-managed keys. else { ObjectMetadata metadata = new ObjectMetadata(); metadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION); copyObjectRequest.setNewObjectMetadata(metadata); } return s3Operations.copyFile(copyObjectRequest, transferManager); } });
request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(data_set.kmsForDataAtRest.getValue()));
request.withSSEAwsKeyManagementParams(new SSEAwsKeyManagementParams(data_set.kmsForDataAtRest.getValue()));