KMS server-side encryption support

[bonebox]

The AWSS3PutObjectRequest class has a SSEKMSKeyId property, which makes it seem like KMS should be supported. The comment for the serverSideEncryption property also mentions aws:kms as an option, however the AWSS3ServerSideEncryption enum only has an entry for AES256. Is there a way with the current SDK to manually set the x-amz-server-side​-encryption header to aws:kms for an upload request?

As a test, I added an entry for KMS to the AWSS3ServerSideEncryption enum, and updated the methods in AWSS3Model.h that return "AES256" when that corresponding enum is set to also return "aws:kms" when the new enum value is set, and I was able to successfully upload using KMS by setting SSEKMSKeyId and using my new enum for serverSideEncryption. So it seems like a pretty simple change to make. Is there a reason why this hasn't been added yet? Should I submit a pull request with my changes?

[bonebox]

Sent pull request #186. We verified a successful KMS server-side encryption for an S3 upload using .serverSideEncryption = AWSS3ServerSideEncryptionKMS and setting valid key for SSEKMSKeyId.

[yosuke-matsuda]

Thank you for the pull request. We will add the enum in the future release. Thanks.

[bonebox]

Thanks, @yosuke-matsuda! Any ETA on when that will be added?

[bonebox]

I noticed this still hasn't been added in the latest release. Are there still plans for this support?

[VarunSurana]

Hi..Does anyone have an update on when this will be available as a framework which can be included in existing project.

[ghost]

We've just released AWS Mobile SDK for iOS 2.2.6 which supported KMS server-side encryption.