Skip to content

NimTechnology

Trình bày các công nghệ CLOUD một cách dễ hiểu.

  • Kubernetes & Container
    • Docker
    • Kubernetes
      • Ingress
      • Pod
    • Helm Chart
    • OAuth2 Proxy
    • Isito-EnvoyFilter
    • Apache Kafka
      • Kafka
      • Kafka Connect
      • Lenses
    • Vault
    • Longhorn – Storage
    • VictoriaMetrics
    • MetalLB
    • Kong Gateway
  • CI/CD
    • ArgoCD
    • ArgoWorkflows
    • Argo Events
    • Spinnaker
    • Jenkins
    • Harbor
    • TeamCity
    • Git
      • Bitbucket
  • Coding
    • DevSecOps
    • Terraform
      • GCP – Google Cloud
      • AWS – Amazon Web Service
      • Azure Cloud
    • Golang
    • Laravel
    • Python
    • Jquery & JavaScript
    • Selenium
  • Log, Monitor & Tracing
    • DataDog
    • Prometheus
    • Grafana
    • ELK
      • Kibana
      • Logstash
  • BareMetal
    • NextCloud
  • Toggle search form

[AWS] Encrypting data when stored in S3

Posted on September 23, 2022May 24, 2023 By nim No Comments on [AWS] Encrypting data when stored in S3

Bạn có 1 S3 và bạn muốn encyption data khi bạn quang file lên S3 đó.

1) Amazon S3 – customer-provided encryption key (SSE-C)

Bạn có thể tham khảo trước video này

–sse-c-key: là string gồm 32 kí tự

##Uploading a file on local or your laptop to S3 with the declarations such as: "sse-c, sse-c-key"
###############
aws s3 cp ./dev.yaml s3://access-s3-from-other-account/sse-c-dev.yaml --sse-c AES256 --sse-c-key 11111111111111111111111111111111 --profile k8s-nimtechnology-staging
upload: ./dev.yaml to s3://access-s3-from-other-account/sse-c-dev.yaml

##Checking this file to exist on S3
aws s3 ls s3://access-s3-from-other-account/
2022-09-22 23:04:38        348 dev.yaml
2022-09-23 00:01:08        348 sse-c-dev.yaml

###Download this file on S3 without "--sse-c --sse-c-key"
aws s3 cp s3://access-s3-from-other-account/sse-c-dev.yaml . --profile k8s-nimtechnology-staging
fatal error: An error occurred (400) when calling the HeadObject operation: Bad Request

###Download this file on S3 with invalid sse-c-key.
aws s3 cp s3://access-s3-from-other-account/sse-c-dev.yaml . --sse-c AES256 --sse-c-key 11111111111111111111111111221111 --profile k8s-nimtechnology-staging
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden

root@LP11-D7891:~/demo-kms# aws s3 cp s3://access-s3-from-other-account/sse-c-dev.yaml . --sse-c AES256 --sse-c-key 11111111111111111111111111111111 --profile k8s-nimtechnology-staging
download: s3://access-s3-from-other-account/sse-c-dev.yaml to ./sse-c-dev.yaml

https://kungfutech.edu.vn/bai-viet/aws/s3-encryption#s3-encryption-trong-aws
Bạn có thể đọc thêm bài này, vì chúng ta còn 2 kiểu encrypt khác

AWS - Amazon Web Service

Post navigation

Previous Post: [Aws] Access S3 or bucket from other account AWS
Next Post: [Assume Role/KMS] Using Assume Role to make the other AWS Account access all KMS that/this AWS Account.

More Related Articles

[Demo] Instructing configure AssumeRole – IAM on AWS AWS - Amazon Web Service
[AWS] How to increase the disk size of a Windows EC2 machine? AWS - Amazon Web Service
[AWS] Login and get secret/token/credential of ECR AWS - Amazon Web Service
[EKS] the exciting and helpful things about EKS AWS - Amazon Web Service
[Terraform] Infrastructure Automation With Terraform – Lesson 1: Setup AWS AWS - Amazon Web Service
[EKS/IPs] Increase most many IPs as possible on each Node of your EKS. AWS - Amazon Web Service

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Tham Gia Group DevOps nhé!
Để Nim có nhiều động lực ra nhiều bài viết.
Để nhận được những thông báo mới nhất.

Recent Posts

  • [Azure] The subscription is not registered to use namespace ‘Microsoft.ContainerService’ May 8, 2025
  • [Azure] Insufficient regional vcpu quota left May 8, 2025
  • [WordPress] How to add a Dynamic watermark on WordPress. May 6, 2025
  • [vnet/Azure] VNet provisioning via Terraform. April 28, 2025
  • [tracetcp] How to perform a tracert command using a specific port. April 3, 2025

Archives

  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021

Categories

  • BareMetal
    • NextCloud
  • CI/CD
    • Argo Events
    • ArgoCD
    • ArgoWorkflows
    • Git
      • Bitbucket
    • Harbor
    • Jenkins
    • Spinnaker
    • TeamCity
  • Coding
    • DevSecOps
    • Golang
    • Jquery & JavaScript
    • Laravel
    • NextJS 14 & ReactJS & Type Script
    • Python
    • Selenium
    • Terraform
      • AWS – Amazon Web Service
      • Azure Cloud
      • GCP – Google Cloud
  • Kubernetes & Container
    • Apache Kafka
      • Kafka
      • Kafka Connect
      • Lenses
    • Docker
    • Helm Chart
    • Isito-EnvoyFilter
    • Kong Gateway
    • Kubernetes
      • Ingress
      • Pod
    • Longhorn – Storage
    • MetalLB
    • OAuth2 Proxy
    • Vault
    • VictoriaMetrics
  • Log, Monitor & Tracing
    • DataDog
    • ELK
      • Kibana
      • Logstash
    • Fluent
    • Grafana
    • Prometheus
  • Uncategorized
  • Admin

Copyright © 2025 NimTechnology.