Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

rgw: include SSE-KMS headers in encrypted upload response #17999

merged 1 commit into from Oct 2, 2017


None yet
2 participants
Copy link

commented Sep 27, 2017

tested with boto3 against a cluster:

import boto3
session = boto3.session.Session()
s3 = session.client('s3', aws_access_key_id='0555b35654ad1656d804', aws_secret_access_key='h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==', endpoint_url='http://localhost:8000')
s3.put_object(Bucket='bucket', Key='foo', Body='abcdefg', ServerSideEncryption='aws:kms', SSEKMSKeyId='testkey-1')

without this patch, the response is missing the expected encryption headers:

{u'ETag': '"7ac66c0f148de9519b8bd264312c4d64"', 'ResponseMetadata': {'HTTPStatusCode': 200, 'RetryAttempts': 0, 'HostId': '', 'RequestId': 'tx000000000000000000002-0059cbf0e9-100a-default', 'HTTPHeaders': {'date': 'Wed, 27 Sep 2017 18:41:46 GMT', 'content-length': '0', 'etag': '"7ac66c0f148de9519b8bd264312c4d64"', 'accept-ranges': 'bytes', 'x-amz-request-id': 'tx000000000000000000002-0059cbf0e9-100a-default'}}}

with this patch applied, the headers are included:

{u'SSEKMSKeyId': 'testkey-1', u'ETag': '"7ac66c0f148de9519b8bd264312c4d64"', 'ResponseMetadata': {'HTTPStatusCode': 200, 'RetryAttempts': 0, 'HostId': '', 'RequestId': 'tx000000000000000000002-0059cbec74-100a-default', 'HTTPHeaders': {'content-length': '0', 'accept-ranges': 'bytes', 'x-amz-server-side-encryption-aws-kms-key-id': 'testkey-1', 'etag': '"7ac66c0f148de9519b8bd264312c4d64"', 'x-amz-request-id': 'tx000000000000000000002-0059cbec74-100a-default', 'date': 'Wed, 27 Sep 2017 18:22:45 GMT', 'x-amz-server-side-encryption': 'aws:kms'}}, u'ServerSideEncryption': 'aws:kms'}


rgw: include SSE-KMS headers in encrypted upload response

Signed-off-by: Casey Bodley <>

@cbodley cbodley requested a review from aclamk Sep 27, 2017


This comment has been minimized.

Copy link
Contributor Author

commented Sep 27, 2017

oops, i didn't realize this was already fixed in #17882

@cbodley cbodley closed this Sep 27, 2017

@cbodley cbodley reopened this Oct 2, 2017

@cbodley cbodley requested a review from mattbenjamin Oct 2, 2017

Copy link

left a comment


@cbodley cbodley merged commit cd0bd44 into ceph:master Oct 2, 2017

5 checks passed

Docs: build check OK - docs built
Signed-off-by all commits in this PR are signed
Unmodified Submodules submodules for project are unmodified
make check make check succeeded
make check (arm64) make check succeeded

@cbodley cbodley deleted the cbodley:wip-21576 branch Oct 2, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.