access denied when encryption is on in ts3put

Six Stars

access denied when encryption is on in ts3put

I have configured s3 bucket and able to put object when default encryption is aws-kms.

i have created customer managed key as well. 

 

so i am able to connect using access key , secrete key and customer master key.

 

now after apply following policy to bucket i am getting error as access denied.

 

{
"Version": "2012-10-17",
"Id": "BUCKETPOLICY",
"Statement": [

{
"Sid": "DenyIncorrectEncryptionHeaders",
"Effect": "Deny",
"Principal": "*",
"Action": "s3Smiley TongueutObject",
"Resource": "arn:aws:s3:::bucketname/*",
"Condition": {
"StringNotEquals": {
"s3:x-amz-server-side-encryption": "aws:kms",
"s3:x-amz-server-side-encryption-aws-kms-key-id": "arn************************************************"
}
}
}
]
}

 

without bucket policy and with same credentials i am able to put the data. Then why bucket policy is denying access?

Community Manager

Re: access denied when encryption is on in ts3put

This is a policy to deny access. You may need to give a bit more detail here.

Highlighted
Six Stars

Re: access denied when encryption is on in ts3put

i got the solution. Server side encryption in ts3put should be unchecked when that policy is applied on the bucket.

2019 GARNER MAGIC QUADRANT FOR DATA INTEGRATION TOOL

Talend named a Leader.

Get your copy

OPEN STUDIO FOR DATA INTEGRATION

Kickstart your first data integration and ETL projects.

Download now

What’s New for Talend Summer ’19

Watch the recorded webinar!

Watch Now

APIs for Dummies

View this on-demand webinar about APIs....

Watch Now

6 Ways to Start Utilizing Machine Learning with Amazon We Services and Talend

Look at6 ways to start utilizing Machine Learning with Amazon We Services and Talend

Blog

Why Companies Move to the Cloud: 7 Success Stories

Learn how and why companies are moving to the Cloud

Read Now