-
Notifications
You must be signed in to change notification settings - Fork 93
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Server side encryption configuration option #3
Comments
Here's an example of functioning AES256 encrypted S3 backend initialization under Refile 0.5.4: aws = {
access_key_id: 'aws_access_key_id',
secret_access_key: 'aws_secret_access_key',
bucket: 'aws_bucket_name',
s3_server_side_encryption: :aes256
}
Refile.cache = Refile::Backend::S3.new(prefix: 'cache', **aws)
Refile.store = Refile::Backend::S3.new(prefix: 'store', **aws) |
That's pretty annoying. We should probably still accept these options the same way and pass them through to the relevant library calls. A PR for this would be greatly appreciated! |
…esigned_post (issue refile#3)
Comments/advice on my approach would be nice before a PR. Couple of notes:
|
And here's a configuration example:
PS. After a more through look at |
…d presigned_post (issue refile#3)
I got bit annoyed of my initial implementation and took a second stab at the problem. This second take allows a flat configuration eg:
The downside is that |
Older Refile version, using AWS SDK V1, supported configuring server side encryption via the s3_options per S3 backend / bucket.
https://github.com/refile/refile/blob/bdc1fead72747a18f7120189d860f6368dbdc81e/lib/refile/backend/s3.rb#L37
AWS SDK V2 doesn't support configuring this option on the Aws::S3::Resource object.
https://github.com/refile/refile-s3/blob/master/lib/refile/s3.rb#L40
I think being able to define the encryption per bucket would be a rather essential feature. AWS SDK V2 requires this to be passed as part of the options argument for
copy_from
,put
andpresigned_post
methods (for exampleserver_side_encryption: 'aes256'
).https://github.com/refile/refile-s3/blob/master/lib/refile/s3.rb#L56
https://github.com/refile/refile-s3/blob/master/lib/refile/s3.rb#L58
https://github.com/refile/refile-s3/blob/master/lib/refile/s3.rb#L140
http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Object.html#copy_from-instance_method
http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Object.html#put-instance_method
http://docs.aws.amazon.com/sdkforruby/api/Aws/S3/Object.html#presigned_post-instance_method
IMO these are some of the other "static" options that could be a deal breaker for some, but not relevant to my use case:
The text was updated successfully, but these errors were encountered: