问题描述
我正在尝试从启用了 SSE 的 Android 设备上传到 S3 存储桶。
我尝试了以下方法:
val file = File(filePath)
val putRequest = PutObjectRequest(bucket,key,file)
s3Client.putObject(putRequest)
该对象确实已上传到指定位置,并且具有正确的 CMK,但是 putObject 调用抛出“无法验证数据上传的完整性。客户端计算的内容哈希与由亚马逊 S3"
为了避免这个错误,我可以运行:
val file = File(filePath)
val putRequest = PutObjectRequest(bucket,file)
ServiceUtils.skipMd5CheckPerRequest(putRequest)
s3Client.putObject(putRequest)
这会引发相同的错误,因为 skipMd5CheckPerRequest 需要初始化 PutRequest 元数据。
所以我尝试了:
val file = File(filePath)
val Metadata = ObjectMetadata()
Metadata.sseAlgorithm = SSEAlgorithm.KMS.algorithm
val putRequest = PutObjectRequest(bucket,file)
.withMetadata(Metadata)
ServiceUtils.skipMd5CheckPerRequest(putRequest)
s3Client.putObject(putRequest)
现在对象上传成功,没有任何错误。但是,它使用默认的 S3 KMS keyId aws/s3 加密,而不是使用 KMSMasterKeyID 加密,如 CF 中的存储桶定义(如下)。
CloudFormation 中的存储桶定义:
"Type": "AWS::S3::Bucket","Properties": {
"AccessControl": "BucketownerFullControl","BucketEncryption": {
"ServerSideEncryptionConfiguration": [
{
"ServerSideEncryptionByDefault": {
"KMSMasterKeyID": {
"Fn::GetAtt": [
"someidhere","Arn"
]
},"SSEAlgorithm": "aws:kms"
}
}
]
},"BucketName": "mybucketname","LifecycleConfiguration": {
"Rules": [
{
"ExpirationInDays": 30,"Status": "Enabled"
}
]
},"PublicAccessBlockConfiguration": {
"BlockPublicAcls": true,"BlockPublicPolicy": true,"IgnorePublicAcls": true,"RestrictPublicBuckets": true
}
},"UpdateReplacePolicy": "Retain","DeletionPolicy": "Retain","Metadata": {
"aws:cdk:path": "path/to/cdk/CF-stack"
}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)