Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.2.0
Description
NiFi currently only supportsĀ SSE-S3 encryption (AES256).
Support needs to be added for:
- SSE-S3
- SSE-KMS
- SSE-C
- CSE-KMS CMK
- CSE-Master Key
With all of the appropriate configuration options and such that SSE is available only for PutS3Object whilst CSE is available also for FetchS3Object.
Given that this will add another 20 or so UI properties the intention is to split it into a Client Side Encryption Service and Server Side Encryption Service. This will allow users to reuse "encryption" across different workflows.
Existing flows using the Server Side Encryption option will still work as is but will be overridden if a service is added.
Attachments
Attachments
Issue Links
- duplicates
-
NIFI-3645 Add aws:kms, sse-c, sse-c-key, and sse-kms-key-id capability to server side encryption in the PutS3Object processor.
- Resolved
- is related to
-
NIFI-3645 Add aws:kms, sse-c, sse-c-key, and sse-kms-key-id capability to server side encryption in the PutS3Object processor.
- Resolved
- relates to
-
NIFI-1769 Add support for SSE-KMS and S3 Signature Version 4 Authentication AWS
- Patch Available
- links to