Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 22 for sse (0.01 sec)

  1. docs/site-replication/run-sse-kms-object-replication.sh

    # sleep for replication to complete
    sleep 30
    
    # Create bucket in source cluster
    echo "Create bucket in source MinIO instance"
    ./mc mb minio1/test-bucket --insecure
    
    # Enable SSE KMS for the bucket
    ./mc encrypt set sse-kms minio-default-key minio1/test-bucket --insecure
    
    # Load objects to source site
    echo "Loading objects to source MinIO instance"
    ./mc cp /tmp/data/encrypted minio1/test-bucket --insecure
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 10 06:49:55 UTC 2024
    - 11.5K bytes
    - Viewed (0)
  2. docs/security/README.md

    MinIO supports two different types of server-side encryption ([SSE](#sse)):
    
    - **SSE-C**: The MinIO server en/decrypts an object with a secret key provided by the S3 client as part of the HTTP request headers. Therefore, [SSE-C](#ssec) requires TLS/HTTPS.
    - **SSE-S3**: The MinIO server en/decrypts an object with a secret key managed by a KMS. Therefore, MinIO requires a valid KMS configuration for [SSE-S3](#sses3).
    
    ### Server-Side Encryption - Preliminaries
    
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sat Feb 12 00:51:25 UTC 2022
    - 13.8K bytes
    - Viewed (0)
  3. internal/etag/etag.go

    //
    // S3 specifies three types of server-side-encryption - SSE-C, SSE-S3
    // and SSE-KMS - with different semantics w.r.t. ETags.
    // In case of SSE-S3, the ETag of an object is computed the same as
    // for single resp. multipart plaintext objects. In particular,
    // the ETag of a singlepart SSE-S3 object is its content MD5.
    //
    // In case of SSE-C and SSE-KMS, the ETag of an object is computed
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Mar 10 21:09:36 UTC 2024
    - 13.3K bytes
    - Viewed (0)
  4. Makefile

    	@echo "Running tests for automatic site replication of SSE-C objects"
    	@(env bash $(PWD)/docs/site-replication/run-ssec-object-replication.sh)
    	@echo "Running tests for automatic site replication of SSE-C objects with SSE-KMS enabled for bucket"
    	@(env bash $(PWD)/docs/site-replication/run-sse-kms-object-replication.sh)
    	@echo "Running tests for automatic site replication of SSE-C objects with compression enabled for site"
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Thu Oct 31 22:10:24 UTC 2024
    - 11.1K bytes
    - Viewed (0)
  5. cmd/encryption-v1.go

    			return objInfo.ETag
    		}
    	}
    
    	// As per AWS S3 Spec, ETag for SSE-C encrypted objects need not be MD5Sum of the data.
    	// Since server side copy with same source and dest just replaces the ETag, we save
    	// encrypted content MD5Sum as ETag for both SSE-C and SSE-KMS, we standardize the ETag
    	// encryption across SSE-C and SSE-KMS, and only return last 32 bytes for SSE-C
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sun Oct 13 13:06:08 UTC 2024
    - 37.2K bytes
    - Viewed (0)
  6. cmd/batch-rotate.go

    )
    
    // keyrotate:
    //   apiVersion: v1
    //   bucket: BUCKET
    //   prefix: PREFIX
    //   encryption:
    //     type: sse-s3 # valid values are sse-s3 and sse-kms
    //     key: <new-kms-key> # valid only for sse-kms
    //     context: <new-kms-key-context> # valid only for sse-kms
    // # optional flags based filtering criteria
    // # for all objects
    // flags:
    //   filter:
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Sep 18 17:59:03 UTC 2024
    - 14.7K bytes
    - Viewed (0)
  7. docs/bucket/replication/README.md

    - SSE-C is hardly adopted by most widely used applications, applications prefer server to manage the keys via SSE-KMS or SSE-S3.
    - MinIO recommends applications to use SSE-KMS, SSE-S3 for simpler, safer and robust encryption mechanism for replicated buckets.
    
    ## Explore Further
    
    - [MinIO Bucket Replication Design](https://github.com/minio/minio/blob/master/docs/bucket/replication/DESIGN.md)
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Tue Jan 24 23:46:33 UTC 2023
    - 18.2K bytes
    - Viewed (0)
  8. internal/crypto/header_test.go

    			xhttp.AmzServerSideEncryptionCustomerAlgorithm: []string{xhttp.AmzEncryptionAES},
    			xhttp.AmzServerSideEncryptionCustomerKeyMD5:    []string{"7PpPLAK26ONlVUGOWlusfg=="},
    		},
    	},
    	{ // Standard SSE-C + SSE-C-copy request headers
    		Header: http.Header{
    			xhttp.AmzServerSideEncryptionCustomerAlgorithm:  []string{xhttp.AmzEncryptionAES},
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Jul 13 14:52:15 UTC 2022
    - 21.4K bytes
    - Viewed (0)
  9. cmd/object-api-options.go

    			if err != nil {
    				return
    			}
    			if sse, err = encrypt.NewSSEC(clientKey[:]); err != nil {
    				return
    			}
    			opts.ServerSideEncryption = encrypt.SSECopy(sse)
    			return
    		}
    		return
    	}
    
    	if crypto.SSEC.IsRequested(header) {
    		clientKey, err = crypto.SSEC.ParseHTTP(header)
    		if err != nil {
    			return
    		}
    		if sse, err = encrypt.NewSSEC(clientKey[:]); err != nil {
    			return
    		}
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Wed Aug 21 21:13:59 UTC 2024
    - 14.4K bytes
    - Viewed (0)
  10. internal/crypto/metadata_test.go

    	}, // 1
    	{
    		ExpectedErr: Errorf("The object metadata is missing the internal sealed key for SSE-S3"),
    		Metadata:    map[string]string{MetaIV: "", MetaAlgorithm: ""}, DataKey: []byte{}, KeyID: "", SealedKey: SealedKey{},
    	}, // 2
    	{
    		ExpectedErr: Errorf("The object metadata is missing the internal KMS key-ID for SSE-S3"),
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Fri Jul 12 20:51:54 UTC 2024
    - 18.7K bytes
    - Viewed (0)
Back to top