Which parameter is not required while making a call for SSE-C?

By:
In: SOA-C01
Tagged:
With: 1 Comment
A system admin is planning to encrypt all objects being uploaded to S3 from an application.The system admin does not want to implement his own encryption algorithm; instead he is planning to use server side encryption by supplying his own key (SSE-C).

Which parameter is not required while making a call for SSE-C?

x-amz-server-side-encryption-customer-key-AES-256

x-amz-server-side-encryption-customer-key

x-amz-server-side-encryption-customer-algorithm

x-amz-server-side-encryption-customer-key-MD5

Explanations:

Thex-amz-server-side-encryption-customer-key-AES-256header is required when using SSE-C. This header contains the encryption key in Base64-encoded format, specifying the encryption algorithm (AES-256).

Thex-amz-server-side-encryption-customer-keyheader is required to pass the Base64-encoded encryption key for SSE-C.

Thex-amz-server-side-encryption-customer-algorithmheader is required and specifies the encryption algorithm used (typicallyAES256).

Thex-amz-server-side-encryption-customer-key-MD5header is not required. While the MD5 checksum of the encryption key can be used as a verification step, it is not mandatory when performing SSE-C encryption.

2025-09-30

1 Comment

  1. Andrew
    Author

    I believe the answer is:
    x-amz-server-side-encryption-customer-key-MD5

Leave a Reply

Your email address will not be published. Required fields are marked *

fourteen − twelve =