Option to use AWS KMS–Managed Keys (SSE-KMS) for server side encryption

[cyberduck]

bc6d0fa created the issue

Add support for S3 SSE-KMS (see: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). This would enable users to input their KMS Key Id, and Cyberduck can send this key id as part of the upload request.

In the context of AWS CLI commands, you can check out this documentation: http://docs.aws.amazon.com/cli/latest/reference/s3api/put-object.html

You can specify the KMS Key Id by using --ssekms-key-id parameter.

[cyberduck]

@dkocher commented

In ce0f78b. Currently there is no option to select a key but the default key configured in KMS.

[cyberduck]

@dkocher commented

We plan to add support to select specific keys to use per bucket in a later version.

[cyberduck]

@dkocher commented

Allow selection of encrypstion keys managed in AWS-KMS in 31caffd.