Jawei, Li 1a4c1a720a OBS s3api 2.0.38.SP5

Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com>
Co-authored-by: Jawei, Li <lijiawei5@huawei.com>
Co-committed-by: Jawei, Li <lijiawei5@huawei.com>

2022-11-16 14:51:13 +00:00

1.9 KiB

Raw Permalink Blame History

Server-Side Encryption

Users can upload and download objects in common mode or using server-side encryption.

Object Storage Service (OBS) supports server-side encryption.

Users can implement this function based on various the key management types to meet site requirements. OBS supports two server-side encryption modes:

Server-side encryption with KMS-managed keys (SSE-KMS).
Server-side encryption with customer-provided keys (SSE-C).

In SSE-KMS mode, OBS uses the keys provided by Key Management Service (KMS) for server-side encryption.

In SSE-C mode, OBS uses the keys and MD5 values provided by customers for server-side encryption.

When server-side encryption is used, the returned ETag value is not the MD5 value of the object. When server-side encryption is used to upload an object, the server does not verify the imported Content-MD5 value.

SSE-KMS
SSE-C
Interfaces Related to Server-Side Encryption

Parent topic: OBS REST APIs

1.9 KiB Raw Permalink Blame History

Server-Side Encryption

1.9 KiB

Raw Permalink Blame History