Get Inspire insights from former attendees in our AMA discussion thread on Inspire Buzz. ACEs and other community members are on call all week to answer!
community Alteryx IO Alteryx.com
alteryx Community
Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Close
Free Trial

Alteryx Designer Desktop Discussions

Find answers, ask questions, and share expertise about Alteryx Designer Desktop and Intelligence Suite.
SOLVED

s3 download - Error from AWS: the Object was stored using a form of Server Side encryption

LorenHadley
5 - Atom
‎06-26-2020 01:19 PM

I'm attempting a download of an SSE-S3 encrypted csv object from an S3 bucket and getting the error "Error from AWS: The object was stored using a form of server side encryption.  The correct parameters must be provided to retrieve the object"

 

The Tool Mastery article https://community.alteryx.com/t5/Alteryx-Designer-Knowledge-Base/Tool-Mastery-Amazon-S3-Upload-and-D...  looks at uploads and shows a drop-down for encryption.  It states that the configuration of Downloads is the same.  However in the Downloads connector I don't see this option?  What am I missing here?

 

Thanks!

Loren

drop-down in documentation.pngs3-connector error.PNG 

Reply
0 Likes

Accepted SolutionSolved! Go to Solution.

2 REPLIES 2
grazitti_sapna
17 - Castor
‎07-30-2020 01:05 AM

Hi @LorenHadley,

 

It seems that when the Data was uploaded into the S3 bucket, Server Side Encryption was used(it was not set as none) and thus you are getting that error. It is expecting you to provide with the encryption key to retrieve the data.

Amazon S3 manages the encryption as it writes to disks and decryption when you access your objects. Therefore, you don't need to maintain any code to perform data encryption and decryption. The only thing you do is manage the encryption keys you provide.

When you upload an object, Amazon S3 uses the encryption key you provide to apply AES-256 encryption to your data and removes the encryption key from memory. When you retrieve an object, you must provide the same encryption key as part of your request. Amazon S3 first verifies that the encryption key you provided matches and then decrypts the object before returning the object data to you.

 

Please have a look in the screenshot below. If any of the highlighted options were selected while uploading the data into S3, it would have created an encryption key and Amazon S3 expects you to provide the Same key while downloading the data so that it can be decrypted.

 

s3_issue.png

 I hope I have been able to provide a clear picture of the issue. For more details please refer to the link given below:

https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html

Sapna Gupta
Reply
0 Likes
LorenHadley
5 - Atom
‎07-30-2020 07:03 AM

We discovered that a 3rd party solution stated it was using the managed key encryption method when it was in fact using the Custom Key method with the server creating a key but offering no mechanism for the data owner to access that key.  Once this was determined a fix was made to managed encryption and the user credentials determined the key and allowed for automatic encryption and decryption by using those credentials.

 

Thanks for the response.

Reply
0 Likes
get your questions about inspire answered by inspire attendees
learn more about the python upgrade coming in may 2024
Labels