serverSideEncryption with chunking (multi-part)

Question

Using Fine-Uploader 4.3.1 at the moment, and ran into an Access Denied response from Amazon S3 when using serverSideEncryption and chunking. Each one of them seems to work fine individually.

I read this issue thinking I had the same problem, however I do not have any bucket policy requiring encryption: https://github.com/Widen/fine-uploader/issues/1147

Could someone run a sanity check that chunking and serverSideEncryption both work together?

Thanks!

Answer 1

If you're using the Amazon S3 serverSideEncryption then you'll also need to make sure your CORS configuration on the bucket allows for the proper header.

If your CORS configuration contains a wildcard to allow all headers, then you won't need to change this part. But if you're trying to be more secure and you're specifically defining your allowed headers, then this is necessary to avoid the "access denied" response.

Login to your Amazon AWS S3 Management console and navigate to your s3 bucket properties. Under the bucket permissions, edit the CORS configuration.

Insert this line among the other allowed headers.

<AllowedHeader>x-amz-server-side-encryption</AllowedHeader>

Save your configuration and that should do it.