0 
import requests

url = 'https://s3.amazonaws.com/<some-bucket-name>'

data = { 'key': 'test/test.jpeg' }
files = { 'file': open('test.jpeg', 'rb') }

r = requests.post(url, data=data, files=files)

I want to upload an image to the S3 bucket as above.The S3 bucket is enabled with AES256 encryption. How will I be able to specify the encryption in post requests?

Improve this question
2
  • Does this work without ServerSideEncryption? Commented Feb 5, 2021 at 10:27
  • @Marcin If the S3 bucket is not enabled with encription,it will work.My question is to understand the way to mension the ServerSideEncryption,if S3 is enables with AES256 encription Commented Feb 5, 2021 at 10:49

1 Answer 1

Reset to default
2

Warning

It seems like you have configured your bucket in a way that allows unauthenticated PUT requests into it - this is dangerous and may become expensive, because essentially anybody that knows your bucket name can put data into it and you'll have to pay the bill. I recommend you change that.

If you want it to stay that way, you can use headers to configure the encryption type for each object as described in the PutObject API-Reference.

The most relevant (excluding SSE-C encryption) are these two:

x-amz-server-side-encryption

The server-side encryption algorithm used when storing this object in Amazon S3 (for example, AES256, aws:kms).

Valid Values: AES256 | aws:kms

x-amz-server-side-encryption-aws-kms-key-id

If x-amz-server-side-encryption is present and has the value of aws:kms, this header specifies the ID of the AWS Key Management Service (AWS KMS) symmetrical customer managed customer master key (CMK) that was used for the object.

If the value of x-amz-server-side-encryption is aws:kms, this header specifies the ID of the symmetric customer managed AWS KMS CMK that will be used for the object. If you specify x-amz-server-side-encryption:aws:kms, but do not provide x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the AWS managed CMK in AWS to protect the data.

You can add these in your requests.post call.

The API-Docs of the requests library specify how to do that, so it should look roughly like this:

requests.post(
    url,
    data=data,
    files=files,
    headers={"x-amz-server-side-encryption": "AES:256"}
)
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Thanks for your suggestion. My question is, how will i mention the encryption as AES256 on the requests. post? What syntax should I follow?
I suggest you read the documentation I quoted, the x-amz-server-side-encryption with the value AES256 is going to do the trick :)
I already went though it before posting the question .But i couldn't figure-out the way to mention the tag.Do you think it will be like below?` r = requests.post(url, data=data, files=files, x-amz-server-side-encryption='AES256' )
I added a sample

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.