Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us in Bucharest on Sept 18th for Qlik's AI Reality Tour! Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
YPMAL
Contributor III
Contributor III
‎2019-02-10 04:29 PM

access denied when encryption is on in ts3put

I have configured s3 bucket and able to put object when default encryption is aws-kms.

i have created customer managed key as well. 

 

so i am able to connect using access key , secrete key and customer master key.

 

now after apply following policy to bucket i am getting error as access denied.

 

{
"Version": "2012-10-17",
"Id": "BUCKETPOLICY",
"Statement": [

{
"Sid": "DenyIncorrectEncryptionHeaders",
"Effect": "Deny",
"Principal": "*",
"Action": "s30683p000009MAB6.pngutObject",
"Resource": "arn:aws:s3:::bucketname/*",
"Condition": {
"StringNotEquals": {
"s3:x-amz-server-side-encryption": "aws:kms",
"s3:x-amz-server-side-encryption-aws-kms-key-id": "arn************************************************"
}
}
}
]
}

 

without bucket policy and with same credentials i am able to put the data. Then why bucket policy is denying access?

Labels (1)
Labels

  • Other

334 Views
0 Likes
2 Replies
Anonymous
Not applicable
‎2019-02-11 10:40 AM

This is a policy to deny access. You may need to give a bit more detail here.

334 Views
0 Likes
YPMAL
Contributor III
Contributor III
‎2019-02-12 07:04 AM
Author

i got the solution. Server side encryption in ts3put should be unchecked when that policy is applied on the bucket.

334 Views
0 Likes