if I'm using the AmazonS3Client to put and fetch files, is my connection encrypted? This seems basic, but my googling seems to return things about encrypting the S3 storage and not whether the transmission from this client is secure. If it's not secure is there a setting to make it secure?
Asked
Active
Viewed 2,191 times
4
-
Some quick searching suggests that [it defaults to HTTPS unless you give it an HTTP url to connect to](http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/ClientConfiguration.html#getProtocol--). – user2357112 Jul 04 '17 at 20:40
1 Answers
3
Amazon S3 endpoints support both HTTP and HTTPS. It is recommended that you communicate via HTTPS to ensure your data is encrypted in transit.
You can also create a Bucket Policy that enforces communication via HTTPS. See:
- Stackoverflow: Force SSL on Amazon S3
- Sample policy: s3BucketPolicyEncryptionSSL.json
John Rotenstein
- 241,921
- 22
- 380
- 470
-
huh, for some reason I thought s3 had its own protocol, probably because occasionally I've seen `s3://` uri's, which would generally mean use the s3 protocol... so I presumed that s3 sdk was using something other than http(s). since I can't find any reference to said protocol, I'm guessing it's just a shorthand used by some clients reference the endpoint. – xenoterracide Jul 06 '17 at 04:45
-
The `s3://` prefix is used when referring to Amazon S3 buckets within the [AWS Command-Line Interface (CLI)](http://aws.amazon.com/cli/), Amazon EMR and some other services, just to differentiate it from files on the local disk volume. – John Rotenstein Jul 06 '17 at 04:53