I am getting the following exception when trying to reproduce the sample code Amazon provides for uploading S3 objects to be server side encrypted using Amazon KMS (key management service):
com.amazonaws.AmazonClientException: please use region-specific endpoint to access buckets located in regions that require V4 signing.
::
Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4. (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument;
The code used is:
public void uploadServerSideEncryptedFileToS3( String bucketName , String key , String sourceFilePath , String masterKey ) {
awsCredentials = new BasicAWSCredentials( awsAccessKey, awsSecretKey );
PutObjectRequest putObjectRequest = new PutObjectRequest( bucketName,
key , new File( sourceFilePath ) ).withSSEAwsKeyManagementParams( new SSEAwsKeyManagementParams( masterKey ) );
ClientConfiguration clientConfiguration = new ClientConfiguration();
clientConfiguration.setProtocol( Protocol.HTTPS );
AmazonS3 connection = new AmazonS3Client( awsCredentials , clientConfiguration );
connection.setRegion( com.amazonaws.regions.Region.getRegion( Regions.US_EAST_1 ) );
PutObjectResult response = connection.putObject( putObjectRequest );
}
Aucun commentaire:
Enregistrer un commentaire