forked from TrueCloudLab/rclone
Add AES256 server-side encryption for s3 - Fixes #491
Add a configuration key and support for AES256 server-side encryption.
This commit is contained in:
parent
d3dd672640
commit
6e35a3b3ce
2 changed files with 22 additions and 0 deletions
|
@ -121,6 +121,13 @@ Choose a number from below, or type in your own value
|
|||
9 / South America (Sao Paulo) Region.
|
||||
\ "sa-east-1"
|
||||
location_constraint> 1
|
||||
The server-side encryption algorithm used when storing this object in S3.
|
||||
Choose a number from below, or type in your own value
|
||||
1 / None
|
||||
\ ""
|
||||
2 / AES256
|
||||
\ "AES256"
|
||||
server_side_encryption>
|
||||
Remote config
|
||||
--------------------
|
||||
[remote]
|
||||
|
|
15
s3/s3.go
15
s3/s3.go
|
@ -134,6 +134,16 @@ func init() {
|
|||
Value: "sa-east-1",
|
||||
Help: "South America (Sao Paulo) Region.",
|
||||
}},
|
||||
}, {
|
||||
Name: "server_side_encryption",
|
||||
Help: "The server-side encryption algorithm used when storing this object in S3.",
|
||||
Examples: []fs.OptionExample{{
|
||||
Value: "",
|
||||
Help: "None",
|
||||
}, {
|
||||
Value: "AES256",
|
||||
Help: "AES256",
|
||||
}},
|
||||
}},
|
||||
})
|
||||
}
|
||||
|
@ -154,6 +164,7 @@ type Fs struct {
|
|||
perm string // permissions for new buckets / objects
|
||||
root string // root of the bucket - ignore all objects above this
|
||||
locationConstraint string // location constraint of new buckets
|
||||
sse string // the type of server-side encryption
|
||||
}
|
||||
|
||||
// Object describes a s3 object
|
||||
|
@ -303,6 +314,7 @@ func NewFs(name, root string) (fs.Fs, error) {
|
|||
// FIXME perm: s3.Private, // FIXME need user to specify
|
||||
root: directory,
|
||||
locationConstraint: fs.ConfigFile.MustValue(name, "location_constraint"),
|
||||
sse: fs.ConfigFile.MustValue(name, "server_side_encryption"),
|
||||
}
|
||||
if f.root != "" {
|
||||
f.root += "/"
|
||||
|
@ -814,6 +826,9 @@ func (o *Object) Update(in io.Reader, src fs.ObjectInfo) error {
|
|||
Metadata: metadata,
|
||||
//ContentLength: &size,
|
||||
}
|
||||
if o.fs.sse != "" {
|
||||
req.ServerSideEncryption = &o.fs.sse
|
||||
}
|
||||
_, err := uploader.Upload(&req)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
Loading…
Reference in a new issue