Cyberduck Mountain Duck CLI

Opened 3 years ago

Closed 3 years ago

Last modified 2 years ago

#9426 closed feature (fixed)

Option to use AWS KMS–Managed Keys (SSE-KMS) for server side encryption

Reported by: jmgtan Owned by: dkocher
Priority: normal Milestone: 5.0
Component: s3 Version: 4.9
Severity: normal Keywords: s3
Cc: Architecture: PPC
Platform:

Description

Add support for S3 SSE-KMS (see: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). This would enable users to input their KMS Key Id, and Cyberduck can send this key id as part of the upload request.

In the context of AWS CLI commands, you can check out this documentation: http://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html

You can specify the KMS Key Id by using --ssekms-key-id parameter.

Change History (4)

comment:1 Changed 3 years ago by dkocher

  • Status changed from new to assigned

comment:2 Changed 3 years ago by dkocher

  • Resolution set to fixed
  • Status changed from assigned to closed

In r20230. Currently there is no option to select a key but the default key configured in KMS.

comment:3 Changed 3 years ago by dkocher

  • Summary changed from Add Support for S3 SSE-KMS to Option to use AWS KMS–Managed Keys (SSE-KMS) for server side encryption

We plan to add support to select specific keys to use per bucket in a later version.

comment:4 Changed 2 years ago by dkocher

Allow selection of encrypstion keys managed in AWS-KMS in r20414.

Note: See TracTickets for help on using tickets.
swiss made software