SE Server-side encryption

We have tightened up our bucket policy and specified AES256 as our server side encryption. As a result our pipeline now fails.

Reason: You may not have access right to bucket: {bucketname}, detail: Access Denied
Resolution: Check for valid bucket name, AWS credential and permission.

This is using a snaplogic cross account IAM role. Any suggestions on what we can do to make this work?

It seems the bucket policy has two statements regarding server side encryption and one regarding secure transport. I removed the section for secure transport and it seems to have helped. I can’t overwrite, but that’s not my issue right now.

It seemed to me that any server side encryption should be handled by AWS as long as server side encryption check box is marked in the snap.

I don’t have access to the AWS account the snapplex is running on; so I didn’t set up the snaplogic account, nor can I see the IAM role configuration. So I was mainly trying to figure out if my understanding was correct.

Thanks Diane and Mina

1 Like