aws
S3 SDK: S3CopyObjectOperation does not allow setting SSE-S3
It's not currently possible to enable SSE-S3 as part of an S3CopyObjectOperation. There only appears to be support for SSE-KMS via the .sseAwsKmsKeyId() method on the builder.
Describe the Feature
Add the ability to specify SSE-S3 as part of an S3CopyObjectOperation.
Is your Feature Request related to a problem?
I want to programmatically encrypt all existing objects within a bucket and remove unencrypted versions of the objects, before enabling default encryption on the bucket and applying an "encryption only" policy, to ensure that nothing in the bucket is not encrypted at rest.
Proposed Solution
Provide a new .enableSSES3() method on the builder.
Describe alternatives you've considered
One-by-one copy of the latest version of each object.
Additional Context
I'm currently using v1 of the SDK and hit this problem https://github.com/aws/aws-sdk-java/issues/1301 so tried out v2 of the SDK which still didn't solve my problem.
- [ ] I may be able to implement this feature request
Your Environment
- AWS Java SDK version used: 2.13.26
- JDK version used: 1.8.0_252
- Operating System and version: macOS 10.15.5
@jdbevan this is a feature request to the S3 API team, I will forward to them internally.
@jdbevan is there any particular reason why you're using S3CopyObjectOperation instead of CopyObjectRequest? CopyObjectRequest supports AES256 as server-side encryption in V2.
I was trying to do a bulk operation and as far as I could see, the S3CopyObjectOperation was the mechanism for specifying what should happen during the bulk copy. Did I miss something?