Enable server-side encryption for S3. #111
Conversation
|
@barboni How would i tell s3 the key when downloading? At the moment i use the url. |
|
@benjamin79 The only reason I didn't merge it yet, is because I didn't have the time to review it yet. It is on my TODO list though |
|
@benjamin79 You have to set the following three headers accordingly: x-amz-server-side-encryption-customer-key, x-amz-server-side-encryption-customer-key-MD5, x-amz-server-side-encryption-customer-algorithm. Here's a snippet to help you out: https://gist.github.com/barboni/4c64b6e0895aafd9e7c0 |
|
Patch looks fine, IMHO. @benjamin79 , will you please merge? |
|
This is actually broken because the I'll be opening another PR with a correction shortly. |
|
Disregard my last message, I misinterpreted how this works. Just tested this out, LGTM. |
|
Can we please look to accept this PR? Seems like a straightforward yet important addition to Slingshot! |
|
+1 This seems like a simple fix. We really need this functionality, too. |
|
@gsuess Was geht jetzt mit dieser PR? |
|
Two more months and the PR is one year old. Yay! |
|
I'm wondering if the thing to do is fork this repo and take it over. Not sure I want to, but it's an idea. |
|
Work excelent, but on google chrome is not active AES256 on S3 file, but in safari is working...didnt know why! |
|
@gsuess Could you review this PR? |
|
Would love to see this happen. This added functionality is crucial to enterprise applications that require the added security. |
|
+1 this is a great feature and a shame not to have it included in slingshot - I am about to roll my own version of this for my app and would have been nice to just use Slingshot! |
|
In case it's helpful for anyone, I ended up merging this PR into the latest version of the package and put it up on Atmosphere: https://atmospherejs.com/jamiesoncj/slingshot - sorry for creating one more atmosphere package rather than waiting for this PR to get merged in, but I just needed this functionality. |
|
+1 Please pull. This package is virtually useless without encryption for me. I have multiple projects that require it, and this package is the most secure and efficient way to handle file uploads on S3 so far. But setting the encryption flag is a must. |
|
This can be merged. @gsuess did you have time to review? |
|
Just adding another voice that this patch is crucial for my project and I would love to see it included in the main Slingshot package. |
|
@jamiesoncj Are you still successfully using your package? Found this when trying to figure out this functionality... Also, just to confirm, it seems a near drop in replacement (with regards to the package API's and how things work). Is this correct? Update Tried it as a drop in replacement and seems to be working great, thank you! |
|
@HemalR sorry for slow reply - but looks like you tried it and it's working so 👍 😄 |
|
No worries mate, thanks for doing the work! |
Solves issue #75.