Data360 Analyze

 View Only
  • 1.  S3 Put with KMS keys

    Posted 03-05-2024 10:36
    Edited by Gerry Mullin 03-05-2024 11:52

    We are trying to upload a file to an S3 bucket. Using the standard encryption works fine, but when we change to use Server-side encryption with AWS Key Management Service keys (SSE-KMS) and specify a Encryption key ARN, it will continue to upload but the encryption type is Server-side encryption with Amazon S3 managed keys (SSE-S3). This will fail our audit and we have a policy now on the S3 bucket to only allow TLS connections and it must use the Encryption key ARN. I don't see any option on the node more advanced than setting Encryption to True or False. Has anybody successfully uploaded a file using this encryption method?

    Update: The following works on the command line, which I am now calling from a Transform node, but would like to use the S3 nodes provided.

    aws s3 cp {FileName} {Bucket} --sse aws:kms --sse-kms-key-id {Key}



    ------------------------------
    Gerry Mullin
    Avalara Inc
    Seattle WA
    ------------------------------



  • 2.  RE: S3 Put with KMS keys

    Employee
    Posted 03-06-2024 05:25

    Hi Gerry,

    The S3 Put node currently only supports the default encryption type. A product enhancement would be required to support different encryption types.

    Can you please raise an enhancement request on the Precisely Ideas page for Analyze as this will enable you to raise this with the Product Management team and track it's progress. It will also enable other customers to vote for the change too.

    Regards,

    Adrian



    ------------------------------
    Adrian Williams
    Precisely Software Inc.
    ------------------------------



  • 3.  RE: S3 Put with KMS keys

    Posted 03-06-2024 09:36

    Thanks Adrian.



    ------------------------------
    Gerry Mullin
    Avalara Inc
    Seattle WA
    ------------------------------