com.amazonaws.services.s3.model.SSEAlgorithm Java Examples

The following examples show how to use com.amazonaws.services.s3.model.SSEAlgorithm. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: S3DaoImpl.java    From herd with Apache License 2.0 5 votes vote down vote up
/**
 * Prepares the object metadata for server side encryption and reduced redundancy storage.
 *
 * @param params the parameters.
 * @param metadata the metadata to prepare.
 */
private void prepareMetadata(final S3FileTransferRequestParamsDto params, ObjectMetadata metadata)
{
    // Set the server side encryption
    if (params.getKmsKeyId() != null)
    {
        /*
         * TODO Use proper way to set KMS once AWS provides a way.
         * We are modifying the raw headers directly since TransferManager's uploadFileList operation does not provide a way to set a KMS key ID.
         * This would normally cause some issues when uploading where an MD5 checksum validation exception will be thrown, even though the object is
         * correctly uploaded.
         * To get around this, a system property defined at
         * com.amazonaws.services.s3.internal.SkipMd5CheckStrategy.DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY must be set.
         */
        metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm());
        metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID, params.getKmsKeyId().trim());
    }
    else
    {
        metadata.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm());
    }

    // If specified, set the metadata to use RRS.
    if (Boolean.TRUE.equals(params.isUseRrs()))
    {
        // TODO: For upload File, we can set RRS on the putObjectRequest. For uploadDirectory, this is the only
        // way to do it. However, setHeader() is flagged as For Internal Use Only
        metadata.setHeader(Headers.STORAGE_CLASS, StorageClass.ReducedRedundancy.toString());
    }
}
 
Example #2
Source File: AmazonInitializer.java    From entrada with GNU General Public License v3.0 3 votes vote down vote up
private boolean enableEncryption() {

    if (!encrypt) {
      return true;
    }

    ServerSideEncryptionRule serverSideEncryptionRule = new ServerSideEncryptionRule();

    ServerSideEncryptionByDefault serverSideEncryptionByDefault =
        new ServerSideEncryptionByDefault();

    serverSideEncryptionByDefault.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm());

    serverSideEncryptionRule.setApplyServerSideEncryptionByDefault(serverSideEncryptionByDefault);

    SetBucketEncryptionRequest setBucketEncryptionRequest = new SetBucketEncryptionRequest();
    setBucketEncryptionRequest.setBucketName(bucket);

    ServerSideEncryptionConfiguration serverSideEncryptionConfiguration =
        new ServerSideEncryptionConfiguration();

    ArrayList<ServerSideEncryptionRule> serverSideEncryptionRules = new ArrayList<>();
    serverSideEncryptionRules.add(serverSideEncryptionRule);
    serverSideEncryptionConfiguration.setRules(serverSideEncryptionRules);

    setBucketEncryptionRequest
        .setServerSideEncryptionConfiguration(serverSideEncryptionConfiguration);

    amazonS3.setBucketEncryption(setBucketEncryptionRequest);

    GetBucketEncryptionResult result = amazonS3.getBucketEncryption(bucket);
    return !result.getServerSideEncryptionConfiguration().getRules().isEmpty();
  }