我正在尝试从S3检索加密的对象(由SES放入那里)。
无论我提供给KMSEncryptionMaterialsProvider(x)的什么参数,我都不了解,该对象未加密并成功检索。
即使提供未被加密过程使用的CMK,也可以正常工作。
如果没有withEncryptionMaterials(x),它将失败。
我误解了什么?
BasicAWSCredentials credentials = new BasicAWSCredentials(awsId, awsSecret);
CryptoConfiguration cryptoConf = new CryptoConfiguration()
.withAwsKmsRegion(RegionUtils.getRegion(Regions.EU_WEST_1.getName()));
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.EU_WEST_1)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.withCryptoConfiguration(cryptoConf)
//.withEncryptionMaterials(new SimpleMaterialProvider())
//.withEncryptionMaterials(new KMSEncryptionMaterialsProvider("aws/ses"))
//.withEncryptionMaterials(new KMSEncryptionMaterialsProvider("ses-dev-emaildrop"))
.build();
S3Object s3object = s3Client.getObject(new GetObjectRequest(bucketName, s3ObjKey));