List of usage examples for com.amazonaws.services.s3.model SSEAlgorithm AES256
SSEAlgorithm AES256
To view the source code for com.amazonaws.services.s3.model SSEAlgorithm AES256.
Click Source Link
From source file:com.streamsets.pipeline.lib.aws.s3.S3Accessor.java
License:Apache License
public EncryptionMetadataBuilder createEncryptionMetadataBuilder() { return () -> { ObjectMetadata metadata = null;/* w w w .j a v a 2 s . c om*/ if (sseConfigs != null) { switch (sseConfigs.getEncryption()) { case NONE: metadata = null; break; case S3: metadata = new ObjectMetadata(); metadata.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm()); break; case KMS: metadata = new ObjectMetadata(); metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm()); metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID, sseConfigs.getKmsKeyId().get()); metadata.setHeader("x-amz-server-side-encryption-context", sseConfigs.getEncryptionContext().entrySet().stream().collect( Collectors.toMap(e -> e.getKey(), e -> Caller.call(() -> e.getValue().get())))); break; case CUSTOMER: metadata = new ObjectMetadata(); metadata.setSSECustomerAlgorithm(SSEAlgorithm.AES256.getAlgorithm()); metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY, sseConfigs.getCustomerKey().get()); metadata.setHeader(Headers.COPY_SOURCE_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY_MD5, sseConfigs.getCustomerKeyMd5().get()); break; default: throw new IllegalArgumentException( String.format("Invalid encryption option '%s'", sseConfigs.getEncryption())); } } return metadata; }; }
From source file:com.streamsets.pipeline.stage.destination.s3.FileHelper.java
License:Apache License
protected ObjectMetadata getObjectMetadata() throws StageException { ObjectMetadata metadata = null;//from w w w . j a va 2 s . c om if (s3TargetConfigBean.sseConfig.useSSE) { metadata = new ObjectMetadata(); switch (s3TargetConfigBean.sseConfig.encryption) { case S3: metadata.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm()); break; case KMS: metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm()); metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID, s3TargetConfigBean.sseConfig.kmsKeyId.get()); if (!s3TargetConfigBean.sseConfig.encryptionContext.isEmpty()) { metadata.setHeader("x-amz-server-side-encryption-context", s3TargetConfigBean.sseConfig.resolveEncryptionContext()); } break; case CUSTOMER: metadata.setSSECustomerAlgorithm(SSEAlgorithm.AES256.getAlgorithm()); metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY, s3TargetConfigBean.sseConfig.customerKey.get()); metadata.setHeader(Headers.COPY_SOURCE_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY_MD5, s3TargetConfigBean.sseConfig.customerKeyMd5.get()); break; default: throw new IllegalStateException( Utils.format("Unknown encryption option: ", s3TargetConfigBean.sseConfig.encryption)); } } return metadata; }
From source file:io.confluent.connect.s3.storage.S3OutputStream.java
License:Open Source License
public S3OutputStream(String key, S3SinkConnectorConfig conf, AmazonS3 s3) { this.s3 = s3; this.bucket = conf.getBucketName(); this.key = key; this.ssea = conf.getSsea(); final String sseCustomerKeyConfig = conf.getSseCustomerKey(); this.sseCustomerKey = (SSEAlgorithm.AES256.toString().equalsIgnoreCase(ssea) && StringUtils.isNotBlank(sseCustomerKeyConfig)) ? new SSECustomerKey(sseCustomerKeyConfig) : null; this.sseKmsKeyId = conf.getSseKmsKeyId(); this.partSize = conf.getPartSize(); this.cannedAcl = conf.getCannedAcl(); this.closed = false; this.buffer = ByteBuffer.allocate(this.partSize); this.progressListener = new ConnectProgressListener(); this.multiPartUpload = null; this.compressionType = conf.getCompressionType(); log.debug("Create S3OutputStream for bucket '{}' key '{}'", bucket, key); }
From source file:org.finra.herd.dao.impl.S3DaoImpl.java
License:Apache License
/** * Prepares the object metadata for server side encryption and reduced redundancy storage. * * @param params the parameters.// w w w . j a v a 2s . c o m * @param metadata the metadata to prepare. */ private void prepareMetadata(final S3FileTransferRequestParamsDto params, ObjectMetadata metadata) { // Set the server side encryption if (params.getKmsKeyId() != null) { /* * TODO Use proper way to set KMS once AWS provides a way. * We are modifying the raw headers directly since TransferManager's uploadFileList operation does not provide a way to set a KMS key ID. * This would normally cause some issues when uploading where an MD5 checksum validation exception will be thrown, even though the object is * correctly uploaded. * To get around this, a system property defined at * com.amazonaws.services.s3.internal.SkipMd5CheckStrategy.DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY must be set. */ metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm()); metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID, params.getKmsKeyId().trim()); } else { metadata.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm()); } // If specified, set the metadata to use RRS. if (Boolean.TRUE.equals(params.isUseRrs())) { // TODO: For upload File, we can set RRS on the putObjectRequest. For uploadDirectory, this is the only // way to do it. However, setHeader() is flagged as For Internal Use Only metadata.setHeader(Headers.STORAGE_CLASS, StorageClass.ReducedRedundancy.toString()); } }