Set default bucket encryption during bucket creation

All S3 buckets have encryption configured by default, and objects are automatically encrypted by using server side encryption. When we do get-bucker-encryption on any bucket we get the the default encryption configuration. With this patch we set default encryption on bucket while creating the bucket and follow the behavior of S3 bucket Signed-off-by: Vinayakswami Hariharmath <[email protected]>
noobaa · Nov 12, 2024 · 85a97aa · 85a97aa
1 parent 259adab
commit 85a97aa
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/src/endpoint/s3/ops/s3_put_bucket.js b/src/endpoint/s3/ops/s3_put_bucket.js
@@ -9,6 +9,15 @@ async function put_bucket(req, res) {
     const lock_enabled = config.WORM_ENABLED ? req.headers['x-amz-bucket-object-lock-enabled'] &&
         req.headers['x-amz-bucket-object-lock-enabled'].toUpperCase() === 'TRUE' : undefined;
     await req.object_sdk.create_bucket({ name: req.params.bucket, lock_enabled: lock_enabled });
+
+    // Set default server side bucket encryption
+    // More details: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html
+    await req.object_sdk.put_bucket_encryption({
+        name: req.params.bucket,
+        encryption: {
+            "algorithm":"AES256",
+        }
+    });
     res.setHeader('Location', '/' + req.params.bucket);
 }