下面列出了怎么用com.amazonaws.services.s3.model.SSEAlgorithm的API类实例代码及写法,或者点击链接到github查看源代码。
/**
* Prepares the object metadata for server side encryption and reduced redundancy storage.
*
* @param params the parameters.
* @param metadata the metadata to prepare.
*/
private void prepareMetadata(final S3FileTransferRequestParamsDto params, ObjectMetadata metadata)
{
// Set the server side encryption
if (params.getKmsKeyId() != null)
{
/*
* TODO Use proper way to set KMS once AWS provides a way.
* We are modifying the raw headers directly since TransferManager's uploadFileList operation does not provide a way to set a KMS key ID.
* This would normally cause some issues when uploading where an MD5 checksum validation exception will be thrown, even though the object is
* correctly uploaded.
* To get around this, a system property defined at
* com.amazonaws.services.s3.internal.SkipMd5CheckStrategy.DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY must be set.
*/
metadata.setSSEAlgorithm(SSEAlgorithm.KMS.getAlgorithm());
metadata.setHeader(Headers.SERVER_SIDE_ENCRYPTION_AWS_KMS_KEYID, params.getKmsKeyId().trim());
}
else
{
metadata.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm());
}
// If specified, set the metadata to use RRS.
if (Boolean.TRUE.equals(params.isUseRrs()))
{
// TODO: For upload File, we can set RRS on the putObjectRequest. For uploadDirectory, this is the only
// way to do it. However, setHeader() is flagged as For Internal Use Only
metadata.setHeader(Headers.STORAGE_CLASS, StorageClass.ReducedRedundancy.toString());
}
}
private boolean enableEncryption() {
if (!encrypt) {
return true;
}
ServerSideEncryptionRule serverSideEncryptionRule = new ServerSideEncryptionRule();
ServerSideEncryptionByDefault serverSideEncryptionByDefault =
new ServerSideEncryptionByDefault();
serverSideEncryptionByDefault.setSSEAlgorithm(SSEAlgorithm.AES256.getAlgorithm());
serverSideEncryptionRule.setApplyServerSideEncryptionByDefault(serverSideEncryptionByDefault);
SetBucketEncryptionRequest setBucketEncryptionRequest = new SetBucketEncryptionRequest();
setBucketEncryptionRequest.setBucketName(bucket);
ServerSideEncryptionConfiguration serverSideEncryptionConfiguration =
new ServerSideEncryptionConfiguration();
ArrayList<ServerSideEncryptionRule> serverSideEncryptionRules = new ArrayList<>();
serverSideEncryptionRules.add(serverSideEncryptionRule);
serverSideEncryptionConfiguration.setRules(serverSideEncryptionRules);
setBucketEncryptionRequest
.setServerSideEncryptionConfiguration(serverSideEncryptionConfiguration);
amazonS3.setBucketEncryption(setBucketEncryptionRequest);
GetBucketEncryptionResult result = amazonS3.getBucketEncryption(bucket);
return !result.getServerSideEncryptionConfiguration().getRules().isEmpty();
}