Package software.amazon.encryption.s3

Class S3AsyncEncryptionClient

  • All Implemented Interfaces:
    AutoCloseable, software.amazon.awssdk.awscore.AwsClient, software.amazon.awssdk.core.SdkClient, software.amazon.awssdk.services.s3.S3AsyncClient, software.amazon.awssdk.utils.SdkAutoCloseable
    public class S3AsyncEncryptionClient
extends software.amazon.awssdk.services.s3.DelegatingS3AsyncClient
    This client is a drop-in replacement for the S3 Async client. It will automatically encrypt objects on putObject and decrypt objects on getObject using the provided encryption key(s).

    • Field Summary

      • Fields inherited from interface software.amazon.awssdk.services.s3.S3AsyncClient

        SERVICE_METADATA_ID, SERVICE_NAME

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      static S3AsyncEncryptionClient.Builder builder()
      Creates a builder that can be used to configure and create a S3AsyncEncryptionClient.
      void close()
      Closes the wrapped S3AsyncClient instance.
      CompletableFuture<software.amazon.awssdk.services.s3.model.DeleteObjectResponse> deleteObject​(software.amazon.awssdk.services.s3.model.DeleteObjectRequest deleteObjectRequest)
      See S3AsyncClient.deleteObject(DeleteObjectRequest).
      CompletableFuture<software.amazon.awssdk.services.s3.model.DeleteObjectsResponse> deleteObjects​(software.amazon.awssdk.services.s3.model.DeleteObjectsRequest deleteObjectsRequest)
      See S3AsyncClient.deleteObjects(DeleteObjectsRequest).
      <T> CompletableFuture<T> getObject​(software.amazon.awssdk.services.s3.model.GetObjectRequest getObjectRequest, software.amazon.awssdk.core.async.AsyncResponseTransformer<software.amazon.awssdk.services.s3.model.GetObjectResponse,​T> asyncResponseTransformer)
      See S3AsyncClient.getObject(GetObjectRequest, AsyncResponseTransformer)
      CompletableFuture<software.amazon.awssdk.services.s3.model.PutObjectResponse> putObject​(software.amazon.awssdk.services.s3.model.PutObjectRequest putObjectRequest, software.amazon.awssdk.core.async.AsyncRequestBody requestBody)
      See S3AsyncClient.putObject(PutObjectRequest, AsyncRequestBody).
      static Consumer<software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration.Builder> withAdditionalEncryptionContext​(Map<String,​String> encryptionContext)
      Attaches encryption context to a request.

      • Methods inherited from class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient

        abortMultipartUpload, completeMultipartUpload, copyObject, createBucket, createMultipartUpload, createSession, delegate, deleteBucket, deleteBucketAnalyticsConfiguration, deleteBucketCors, deleteBucketEncryption, deleteBucketIntelligentTieringConfiguration, deleteBucketInventoryConfiguration, deleteBucketLifecycle, deleteBucketMetricsConfiguration, deleteBucketOwnershipControls, deleteBucketPolicy, deleteBucketReplication, deleteBucketTagging, deleteBucketWebsite, deleteObjectTagging, deletePublicAccessBlock, getBucketAccelerateConfiguration, getBucketAcl, getBucketAnalyticsConfiguration, getBucketCors, getBucketEncryption, getBucketIntelligentTieringConfiguration, getBucketInventoryConfiguration, getBucketLifecycleConfiguration, getBucketLocation, getBucketLogging, getBucketMetricsConfiguration, getBucketNotificationConfiguration, getBucketOwnershipControls, getBucketPolicy, getBucketPolicyStatus, getBucketReplication, getBucketRequestPayment, getBucketTagging, getBucketVersioning, getBucketWebsite, getObjectAcl, getObjectAttributes, getObjectLegalHold, getObjectLockConfiguration, getObjectRetention, getObjectTagging, getObjectTorrent, getPublicAccessBlock, headBucket, headObject, invokeOperation, listBucketAnalyticsConfigurations, listBucketIntelligentTieringConfigurations, listBucketInventoryConfigurations, listBucketMetricsConfigurations, listBuckets, listDirectoryBuckets, listMultipartUploads, listObjects, listObjectsV2, listObjectVersions, listParts, putBucketAccelerateConfiguration, putBucketAcl, putBucketAnalyticsConfiguration, putBucketCors, putBucketEncryption, putBucketIntelligentTieringConfiguration, putBucketInventoryConfiguration, putBucketLifecycleConfiguration, putBucketLogging, putBucketMetricsConfiguration, putBucketNotificationConfiguration, putBucketOwnershipControls, putBucketPolicy, putBucketReplication, putBucketRequestPayment, putBucketTagging, putBucketVersioning, putBucketWebsite, putObjectAcl, putObjectLegalHold, putObjectLockConfiguration, putObjectRetention, putObjectTagging, putPublicAccessBlock, restoreObject, selectObjectContent, serviceClientConfiguration, serviceName, uploadPart, uploadPartCopy, utilities, waiter, writeGetObjectResponse

      • Methods inherited from interface software.amazon.awssdk.services.s3.S3AsyncClient

        abortMultipartUpload, completeMultipartUpload, copyObject, createBucket, createMultipartUpload, createSession, deleteBucket, deleteBucketAnalyticsConfiguration, deleteBucketCors, deleteBucketEncryption, deleteBucketIntelligentTieringConfiguration, deleteBucketInventoryConfiguration, deleteBucketLifecycle, deleteBucketMetricsConfiguration, deleteBucketOwnershipControls, deleteBucketPolicy, deleteBucketReplication, deleteBucketTagging, deleteBucketWebsite, deleteObject, deleteObjects, deleteObjectTagging, deletePublicAccessBlock, getBucketAccelerateConfiguration, getBucketAcl, getBucketAnalyticsConfiguration, getBucketCors, getBucketEncryption, getBucketIntelligentTieringConfiguration, getBucketInventoryConfiguration, getBucketLifecycleConfiguration, getBucketLocation, getBucketLogging, getBucketMetricsConfiguration, getBucketNotificationConfiguration, getBucketOwnershipControls, getBucketPolicy, getBucketPolicyStatus, getBucketReplication, getBucketRequestPayment, getBucketTagging, getBucketVersioning, getBucketWebsite, getObject, getObject, getObject, getObjectAcl, getObjectAttributes, getObjectLegalHold, getObjectLockConfiguration, getObjectRetention, getObjectTagging, getObjectTorrent, getObjectTorrent, getObjectTorrent, getPublicAccessBlock, headBucket, headObject, listBucketAnalyticsConfigurations, listBucketIntelligentTieringConfigurations, listBucketInventoryConfigurations, listBucketMetricsConfigurations, listBuckets, listBuckets, listBucketsPaginator, listBucketsPaginator, listBucketsPaginator, listDirectoryBuckets, listDirectoryBucketsPaginator, listDirectoryBucketsPaginator, listMultipartUploads, listMultipartUploadsPaginator, listMultipartUploadsPaginator, listObjects, listObjectsV2, listObjectsV2Paginator, listObjectsV2Paginator, listObjectVersions, listObjectVersionsPaginator, listObjectVersionsPaginator, listParts, listPartsPaginator, listPartsPaginator, putBucketAccelerateConfiguration, putBucketAcl, putBucketAnalyticsConfiguration, putBucketCors, putBucketEncryption, putBucketIntelligentTieringConfiguration, putBucketInventoryConfiguration, putBucketLifecycleConfiguration, putBucketLogging, putBucketMetricsConfiguration, putBucketNotificationConfiguration, putBucketOwnershipControls, putBucketPolicy, putBucketReplication, putBucketRequestPayment, putBucketTagging, putBucketVersioning, putBucketWebsite, putObject, putObject, putObject, putObjectAcl, putObjectLegalHold, putObjectLockConfiguration, putObjectRetention, putObjectTagging, putPublicAccessBlock, restoreObject, selectObjectContent, uploadPart, uploadPart, uploadPart, uploadPartCopy, writeGetObjectResponse, writeGetObjectResponse, writeGetObjectResponse

    • Method Detail

      • withAdditionalEncryptionContext

        public static Consumer<software.amazon.awssdk.awscore.AwsRequestOverrideConfiguration.Builder> withAdditionalEncryptionContext​(Map<String,​String> encryptionContext)
        Attaches encryption context to a request. Must be used as a parameter to AwsRequest.overrideConfiguration() in the request. Encryption context can be used to enforce authentication of ciphertext. The same encryption context used to encrypt MUST be provided on decrypt. Encryption context is only supported with KMS keys.
        Parameters:
        encryptionContext - the encryption context to use for the request.
        Returns:
        Consumer for use in overrideConfiguration()

      • putObject

        public CompletableFuture<software.amazon.awssdk.services.s3.model.PutObjectResponse> putObject​(software.amazon.awssdk.services.s3.model.PutObjectRequest putObjectRequest,
                                                                                               software.amazon.awssdk.core.async.AsyncRequestBody requestBody)
                                                                                        throws software.amazon.awssdk.awscore.exception.AwsServiceException,
                                                                                               software.amazon.awssdk.core.exception.SdkClientException
        See S3AsyncClient.putObject(PutObjectRequest, AsyncRequestBody).

        In the S3AsyncEncryptionClient, putObject encrypts the data in the requestBody as it is written to S3.

        Specified by:
        putObject in interface software.amazon.awssdk.services.s3.S3AsyncClient
        Overrides:
        putObject in class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient
        Parameters:
        putObjectRequest - the request instance
        requestBody - Functional interface that can be implemented to produce the request content in a non-blocking manner. The size of the content is expected to be known up front. See AsyncRequestBody for specific details on implementing this interface as well as links to precanned implementations for common scenarios like uploading from a file.
        Returns:
        A Java Future containing the result of the PutObject operation returned by the service.

        The CompletableFuture returned by this method can be completed exceptionally with the following exceptions.

        • SdkException Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.
        • SdkClientException If any client side error occurs such as an IO related failure, failure to get credentials, etc.
        • S3EncryptionClientException Base class for all encryption client specific exceptions.
        Throws:
        software.amazon.awssdk.awscore.exception.AwsServiceException
        software.amazon.awssdk.core.exception.SdkClientException

      • getObject

        public <T> CompletableFuture<T> getObject​(software.amazon.awssdk.services.s3.model.GetObjectRequest getObjectRequest,
                                          software.amazon.awssdk.core.async.AsyncResponseTransformer<software.amazon.awssdk.services.s3.model.GetObjectResponse,​T> asyncResponseTransformer)
        See S3AsyncClient.getObject(GetObjectRequest, AsyncResponseTransformer)

        In the S3AsyncEncryptionClient, getObject decrypts the data as it is read from S3.

        Specified by:
        getObject in interface software.amazon.awssdk.services.s3.S3AsyncClient
        Overrides:
        getObject in class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient
        Parameters:
        getObjectRequest - the request instance.
        asyncResponseTransformer - The response transformer for processing the streaming response in a non-blocking manner. See AsyncResponseTransformer for details on how this callback should be implemented and for links to precanned implementations for common scenarios like downloading to a file.
        Returns:
        A future to the transformed result of the AsyncResponseTransformer.

        The CompletableFuture returned by this method can be completed exceptionally with the following exceptions.

        • NoSuchKeyException The specified key does not exist.
        • InvalidObjectStateException Object is archived and inaccessible until restored.
        • SdkException Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for catch all scenarios.
        • SdkClientException If any client side error occurs such as an IO related failure, failure to get credentials, etc.
        • S3EncryptionClientException Base class for all encryption client exceptions.

      • deleteObject

        public CompletableFuture<software.amazon.awssdk.services.s3.model.DeleteObjectResponse> deleteObject​(software.amazon.awssdk.services.s3.model.DeleteObjectRequest deleteObjectRequest)
        See S3AsyncClient.deleteObject(DeleteObjectRequest).

        In the S3 Encryption Client, deleteObject also deletes the instruction file, if present.

        Specified by:
        deleteObject in interface software.amazon.awssdk.services.s3.S3AsyncClient
        Overrides:
        deleteObject in class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient
        Parameters:
        deleteObjectRequest - the request instance
        Returns:
        A Java Future containing the result of the DeleteObject operation returned by the service.

      • deleteObjects

        public CompletableFuture<software.amazon.awssdk.services.s3.model.DeleteObjectsResponse> deleteObjects​(software.amazon.awssdk.services.s3.model.DeleteObjectsRequest deleteObjectsRequest)
                                                                                                throws software.amazon.awssdk.awscore.exception.AwsServiceException,
                                                                                                       software.amazon.awssdk.core.exception.SdkClientException
        See S3AsyncClient.deleteObjects(DeleteObjectsRequest).

        In the S3 Encryption Client, deleteObjects also deletes the instruction file(s), if present.

        Specified by:
        deleteObjects in interface software.amazon.awssdk.services.s3.S3AsyncClient
        Overrides:
        deleteObjects in class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient
        Parameters:
        deleteObjectsRequest - the request instance
        Returns:
        A Java Future containing the result of the DeleteObjects operation returned by the service.
        Throws:
        software.amazon.awssdk.awscore.exception.AwsServiceException
        software.amazon.awssdk.core.exception.SdkClientException

      • close

        public void close()
        Closes the wrapped S3AsyncClient instance.
        Specified by:
        close in interface AutoCloseable
        Specified by:
        close in interface software.amazon.awssdk.utils.SdkAutoCloseable
        Overrides:
        close in class software.amazon.awssdk.services.s3.DelegatingS3AsyncClient