You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi ,
First of all it is amazing script, which came to my rescue, for a quick deliverable.
It will be great if we had the functionality to use CMK for server side encryption of s3 bucket.
Currently I get an error as below boto3.exceptions.S3UploadFailedError: Failed to upload /var/tmp/kmstool_temp/979cbe50-0148-4af6-9029-aa7d789c014e/temp_output to <s3-bucket name>/test.file.new.3: An error occurred (InvalidArgument) when calling the CreateMultipartUpload operation: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4.
The text was updated successfully, but these errors were encountered:
Good catch. I had never tried this. I'll work on reproducing and get an estimate of time investment on a fix.
Could you send me the exact kmstool command flags you were using and some info about how your bucket is set up? This would help me reproduce and fix faster. Please do as you did for your error here and scrub the bucket name or any account identifiers from what ever you post.
I took a look into this. Is it that your bucket has a policy that requires SSE and you would like kmstool to be able to support S3 uploads with an SSE KMS/Customer Provided AES256 key?
Hi @dejonghe ,
Absolutely, you are right, I have setup bucket policy to allow upload only encrypted object , using KMS provided key. Also the default encryption set for the s3 bucket is AWS-KMS with the same key-id which I am using for encryption and upload.
Hi ,
First of all it is amazing script, which came to my rescue, for a quick deliverable.
It will be great if we had the functionality to use CMK for server side encryption of s3 bucket.
Currently I get an error as below
boto3.exceptions.S3UploadFailedError: Failed to upload /var/tmp/kmstool_temp/979cbe50-0148-4af6-9029-aa7d789c014e/temp_output to <s3-bucket name>/test.file.new.3: An error occurred (InvalidArgument) when calling the CreateMultipartUpload operation: Requests specifying Server Side Encryption with AWS KMS managed keys require AWS Signature Version 4.
The text was updated successfully, but these errors were encountered: