RE: AWS S3 KMS encrypted store

Jamie Sammons, modified 4 Years ago.

New Member Posts: 5 Join Date: 1/28/21 Recent Posts

Its is possible in liferay to hava an s3 store with static credentials generated via IAM roles (Access key and Secret Key ). Is it possble to have a server side encryption for s3 , via AWS KMS so that we dont use a static key but we have dynamic keys

Olaf Kock, modified 4 Years ago.

RE: AWS S3 KMS encrypted store

Liferay Legend Posts: 6441 Join Date: 9/23/08 Recent Posts

I haven't seen such an option in the S3 store, but its implementation should be quite simple to look at. Which means that it should be quite simple to implement a custom S3 store that encrypts/decrypts files.

Note that this now turns your "trust" problem into a key-management problem. Check what you're protecting yourself from, and if this encryption helps (I'm not saying it doesn't - just check upfront)

Community

Company

Feedback

Ask Questions and Find Answers

Important:

Ask is now read-only. You can review any existing questions and answers, but not add anything new.

But - don't panic! While ask is no more, we've replaced it with discuss - the new Liferay Discussion Forum! Read more here here or just visit the site here:

discuss.liferay.com

RE: AWS S3 KMS encrypted store