Set default bucket encryption during bucket creation #8478
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vh05
force-pushed
the
get_bucket_encryption
branch
from
2ad2f5c
to
0ae78a6
Compare
vh05
force-pushed
the
get_bucket_encryption
branch
3 times, most recently
from
0cdb765
to
a9b6309
Compare
vh05
force-pushed
the
get_bucket_encryption
branch
from
a9b6309
to
e8b1651
Compare
All S3 buckets have encryption configured by default, and objects are automatically encrypted by using server side encryption. When we do get-bucker-encryption on any bucket we get the the default encryption configuration. With this patch we set default encryption on bucket while creating the bucket and follow the behavior of S3 bucket Signed-off-by: Vinayakswami Hariharmath <[email protected]>
vh05
force-pushed
the
get_bucket_encryption
branch
from
e8b1651
to
ad54e15
Compare
dannyzaken
reviewed
Nov 13, 2024
|
|
||
| // Set default server side bucket encryption | ||
| // More details: https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucket-encryption.html | ||
| await req.object_sdk.put_bucket_encryption({ |
There was a problem hiding this comment.
Should this be set for any bucket, even namespace buckets (S3, blob)? It's worth checking the current support for bucket encryption in NS buckets and mapping the gaps. I think that if there are any gaps, we should at least make sure we are not setting a configuration that might conflict with the target configuration (e.g. S3 bucket)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
All S3 buckets have encryption configured by default, and objects are automatically encrypted by using server side encryption. When we do get-bucker-encryption on any bucket we get the the default encryption configuration.
With this patch we set default encryption on bucket while creating the bucket and follow the behavior of S3 bucket
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2318715