Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Failure to rename files with server side encryption enabled for bucket #8840

Closed
cyberduck opened this issue May 20, 2015 · 4 comments
Closed
Assignees
Labels
bug fixed s3 AWS S3 Protocol Implementation
Milestone

Comments

@cyberduck
Copy link
Collaborator

72a1203 created the issue

We're using 4.7 (17432), and users are having difficulty renaming files in our s3 bucket.

The bucket allows all permissions. It requires Server Side Encryption (SSE) to be turned on, but the files do not inherit this - when you look in Info for any given file, Server Side Encryption is unchecked.

If you try to rename a file it fails. (Cannot rename file. Access denied. Please contact your web hosting service provider for assistance.)

We've found that if you select the file you want to rename, and click Server Side Encryption in Info, it will let you rename the file once, but we have to repeat the process to rename it again.

Additionally, if we use Cloudberry's Explorer for S3 using same credentials with SSE turned on in Cloudberry we can rename the files with no difficulty - so this problem seems isolated to Cyberduck.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Server side encryption is not a bucket option but per object. However I suppose you enforce encryption of objects in the bucket with a bucket policy as described in Protecting Data Using Server-Side Encryption. Make sure to enable AES2566 encryption by default in Preferences → S3 → Encryption.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Add test in a68847a.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

Replying to [comment:3 dkocher]:

Add test in a68847a.
This test shows the issue with a 403 error because no x-amz-server-side-encryption encryption header is set while the bucket policy enforces encryption.

@cyberduck
Copy link
Collaborator Author

@dkocher commented

In 528ee80.

@iterate-ch iterate-ch locked as resolved and limited conversation to collaborators Nov 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug fixed s3 AWS S3 Protocol Implementation
Projects
None yet
Development

No branches or pull requests

2 participants