SE Server-side encryption
We have tightened up our bucket policy and specified AES256 as our server side encryption. As a result our pipeline now fails. Reason: You may not have access right to bucket: {bucketname}, detail: Access Denied Resolution: Check for valid bucket name, AWS credential and permission. This is using a snaplogic cross account IAM role. Any suggestions on what we can do to make this work?
How to enable Server-side Encryption with IAM Role support for Amazon S3
To enable Server-side Encryption support in UAT, the following steps must be followed: Include the following directive in global.properties jcc.jvm_options = -DIAM_CREDENTIAL_FOR_S3=TRUE Note : JCC must be restarted if properties file is updated In Designer or Manager, create a new S3 Account as follows : a) Leave Access-key ID and Secret key properties blank b) Enable the Server-side encryption checkbox c) Enable the IAM role checkbox 3 Bind the account created in Step 2 to all applicable Snaps writing to S3. NOTE: This will only work if the IAM role assigned to the JCC is assigned the correct role at the time it was provisioned. We do not support referencing IAM roles otherwise. If server-side encryption is not required, an account is not necessary.