Hi, yes we did it two days ago too. There is PR for this, but it's not
commited yet.
Thanks, anyway!
Arvydas
On Fri, Oct 19, 2018 at 7:15 AM Konstantin Shalygin wrote:
> After RGW upgrade from Jewel to Luminous, one S3 user started to receive
> errors from his postgre wal-e solution. Error is
After RGW upgrade from Jewel to Luminous, one S3 user started to receive
errors from his postgre wal-e solution. Error is like this: "Server Side
Encryption with KMS managed key requires HTTP header
x-amz-server-side-encryption : aws:kms".
This can be resolved via simple patch of wal-e/wal-g. I
My idea was the setting, which disables encryption on rgw, so rgw anounces, it
doesn't support it (I don't know how client and server are comunicating this
now, so maybe I am oversimplyfing it).
Anyway, workaround with rgw_crypt_s3_kms_encryption_keys looks great.
Thank you!
That's not currently possible, no. And I don't think it's a good idea to
add such a feature; if the client requests that something be encrypted,
the server should either encrypt it or reject the request.
There is a config called rgw_crypt_s3_kms_encryption_keys that we use
for testing,
Hi,
got no success on IRC, maybe someone will help me here.
After RGW upgrade from Jewel to Luminous, one S3 user started to receive
errors from his postgre wal-e solution. Error is like this: "Server Side
Encryption with KMS managed key requires HTTP header
x-amz-server-side-encryption :