Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

Options for encryption of binaries in AWS S3 buckets

Avatar

Avatar
Validate 1
Level 2
iainc65537558
Level 2

Likes

4 likes

Total Posts

35 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Applaud 5
Affirm 3
View profile

Avatar
Validate 1
Level 2
iainc65537558
Level 2

Likes

4 likes

Total Posts

35 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Applaud 5
Affirm 3
View profile
iainc65537558
Level 2

31-08-2018

What options does the S3 connector support for AWS's various data encryption options?

AWS supports a number of ways of encrypting data at rest. We are looking at the options available to allow us to do that either by S3-Managed Keys, KMS-Managed Keys or Customer provided keys.  Protecting Data Using Server-Side Encryption - Amazon Simple Storage Service

Looking for guidance on how to configure these options within AWS and config settings required in AEM.

Replies

Avatar

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,090 likes

Total Posts

3,123 posts

Correct Reply

1,063 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile

Avatar
Coach
Employee
Jörg_Hoh
Employee

Likes

1,090 likes

Total Posts

3,123 posts

Correct Reply

1,063 solutions
Top badges earned
Coach
Give back 600
Ignite 5
Ignite 3
Ignite 1
View profile
Jörg_Hoh
Employee

02-09-2018

I am not aware of a way to store binaries encrypted in S3. You might want to raise on the one of the Oak mailing lists.

Apache Jackrabbit - Mailing Lists

Jörg

Avatar

Avatar
Validate 1
Level 2
iainc65537558
Level 2

Likes

4 likes

Total Posts

35 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Applaud 5
Affirm 3
View profile

Avatar
Validate 1
Level 2
iainc65537558
Level 2

Likes

4 likes

Total Posts

35 posts

Correct Reply

3 solutions
Top badges earned
Validate 1
Boost 3
Boost 1
Applaud 5
Affirm 3
View profile
iainc65537558
Level 2

03-09-2018

Hi, Just an update.

I configured my S3 Buckets to use Default Encryption of both SSE-S3 and SSE-KMS and in both instances assets were stored and the console indicated that the correct encryption was being used.

The API does support headers to give details of the required encryption, but the AEM S3 connector does not appear to send them so I guess at the moment we are limited to default encryption options.

Thanks