James, OK, thank you very much for the reply and the Jira link.
Simon From: James Wing [mailto:[email protected]] Sent: Wednesday, April 18, 2018 2:30 PM To: [email protected] Subject: [External] Re: Use AWS:KMS SSE with PutS3Object? Simon, I'm afraid NiFi does not yet support server-side encryption with a specific KMS key ID, only the more basic SSE. This has certainly come up before, you are definitely not alone in wishing for this feature. There is a JIRA: NIFI-4256 Add support for all AWS S3 Encryption Options https://issues.apache.org/jira/browse/NIFI-4256 On Wed, Apr 18, 2018 at 10:37 AM, Simon Tack <[email protected]<mailto:[email protected]>> wrote: Hi. I am trying to use the PutS3Object Processor in NiFi 1.0.0 to write a file to S3. I am getting a 403 Access Denied error. My bucket requires SSE encryption with a certain key. I would expect that I need to specify the ARN to that key for PutS3Object to work, but I can’t seem to tell how or where I would specify it. Is what I am trying to do possible with the NiFi 1.0.0 PutS3Object processor? If not, is it possible with any newer version of NiFi? I can upload files to the S3 bucket fine using the AWS CLI tools, but I have to specify --sse as aws:kms and -sse-kms-key-id, i.e.: aws s3 cp <file> <s3 uri> --sse aws:kms --sse-kms-key-id <arn to my key> Thanks, Simon
