public void transferList(List<File> list) {
String key;
String bucketName;
String sseKmsKeyId;
AmazonS3 amazonS3;
TransferManager xfermgr;
try {
amazonS3 = "";
key = "";
bucketName = "";
sseKmsKeyId = "";
xfermgr = new TransferManager(amazonS3);
}
try {
ObjectMetadataProvider objectMetadataProvider = new ObjectMetadataProvider() {
@Override
public void provideObjectMetadata(File file, ObjectMetadata metadata) {
// metadata.setSSEAlgorithm("aws:kms");
// metadata.setSSECustomerAlgorithm(sseKmsKeyId);
// metadata.setServerSideEncryption(sseKmsKeyId); //
metadata.setSSEAlgorithm(sseAwsKeyManagementParams.getAwsKmsKeyId());
}
}; // ObjectMetadata objectMetadata = new ObjectMetadata(); //
objectMetadata.setSSEAlgorithm(sseKmsKeyId);
LOGGER.info("uploaded file = {} {} {} ", bucketName, key, new File(".").getAbsoluteFile());
MultipleFileUpload dirUpload = xfermgr.uploadFileList(bucketName, key, list.get(0).getParentFile(), list);
dirUpload.waitForCompletion();
} catch (AmazonServiceException e) {
throw new AmazonServiceException(e);
}
}
MultipleFileUpload dirUpload = xfermgr.uploadFileList(bucketName, key, list.get(0).getParentFile(), list);
我们如何使用MultipleFileUpload上传kmskey
答案 0 :(得分:0)
ObjectMetadataProvider objectMetadataProvider = new ObjectMetadataProvider() {
@Override
public void provideObjectMetadata(File file, ObjectMetadata metadata) {
metadata.setSSEAlgorithm(sseAwsKeyManagementParams.getEncryption()); // will always be your aws:kms
metadata.setHeader(
Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID,
sseAwsKeyManagementParams.getAwsKmsKeyId()
);
}
};
您缺少必须在元数据中设置的标头,并始终使用setSSEAlgorithm(setSSECustomerAlgorithm供内部使用,而不是请求)。
最重要的是,你应该拥有:
final SSEAwsKeyManagementParams sseAwsKeyManagementParams = new SSEAwsKeyManagementParams(KMS_KEY_GOES_HERE);
将在您的请求中保留您的KMS密钥。
祝你好运。