public class AmazonS3EncryptionClient extends AmazonS3Client implements AmazonS3Encryption
The encryption materials specified in the constructor will be used to protect the CEK which is then stored along side with the S3 object.
| Modifier and Type | Field and Description | 
|---|---|
| static String | USER_AGENT | 
S3_SERVICE_NAMELOGGING_AWS_REQUEST_METRICENDPOINT_PREFIX| Modifier and Type | Method and Description | 
|---|---|
| void | abortMultipartUpload(AbortMultipartUploadRequest req)Aborts a multipart upload. | 
| CompleteMultipartUploadResult | completeMultipartUpload(CompleteMultipartUploadRequest req)Completes a multipart upload by assembling previously uploaded parts. | 
| CopyPartResult | copyPart(CopyPartRequest copyPartRequest)Copies a source object to a part of a multipart upload. | 
| void | deleteObject(DeleteObjectRequest req)
 Deletes the specified object in the specified bucket. | 
| static AmazonS3EncryptionClientBuilder | encryptionBuilder() | 
| S3Object | getObject(GetObjectRequest req)
 Gets the object stored in Amazon S3 under the specified bucket and
 key. | 
| ObjectMetadata | getObject(GetObjectRequest req,
         File dest)
 Gets the object metadata for the object stored
 in Amazon S3 under the specified bucket and key,
 and saves the object contents to the
 specified file. | 
| InitiateMultipartUploadResult | initiateMultipartUpload(InitiateMultipartUploadRequest req)Initiates a multipart upload and returns an InitiateMultipartUploadResult
 which contains an upload ID. | 
| PutObjectResult | putInstructionFile(PutInstructionFileRequest req)Creates a new crypto instruction file by re-encrypting the CEK of an
 existing encrypted S3 object with a new encryption material identifiable
 via a new set of material description. | 
| PutObjectResult | putObject(PutObjectRequest req)
 Uploads a new object to the specified Amazon S3 bucket. | 
| void | shutdown()Shuts down this client object, releasing any resources that might be held
 open. | 
| CompleteMultipartUploadResult | uploadObject(UploadObjectRequest req)Used to encrypt data first to disk with pipelined concurrent multi-part
 uploads to S3. | 
| UploadPartResult | uploadPart(UploadPartRequest uploadPartRequest)Uploads a part in a multipart upload. | 
builder, changeObjectStorageClass, copyObject, copyObject, createBucket, createBucket, createBucket, createBucket, deleteBucket, deleteBucket, deleteBucketAnalyticsConfiguration, deleteBucketAnalyticsConfiguration, deleteBucketCrossOriginConfiguration, deleteBucketCrossOriginConfiguration, deleteBucketEncryption, deleteBucketEncryption, deleteBucketInventoryConfiguration, deleteBucketInventoryConfiguration, deleteBucketLifecycleConfiguration, deleteBucketLifecycleConfiguration, deleteBucketMetricsConfiguration, deleteBucketMetricsConfiguration, deleteBucketPolicy, deleteBucketPolicy, deleteBucketReplicationConfiguration, deleteBucketReplicationConfiguration, deleteBucketTaggingConfiguration, deleteBucketTaggingConfiguration, deleteBucketWebsiteConfiguration, deleteBucketWebsiteConfiguration, deleteObject, deleteObjects, deleteObjectTagging, deleteVersion, deleteVersion, disableRequesterPays, doesBucketExist, doesBucketExistV2, doesObjectExist, enableRequesterPays, generatePresignedUrl, generatePresignedUrl, generatePresignedUrl, getBucketAccelerateConfiguration, getBucketAccelerateConfiguration, getBucketAcl, getBucketAcl, getBucketAnalyticsConfiguration, getBucketAnalyticsConfiguration, getBucketCrossOriginConfiguration, getBucketCrossOriginConfiguration, getBucketEncryption, getBucketEncryption, getBucketInventoryConfiguration, getBucketInventoryConfiguration, getBucketLifecycleConfiguration, getBucketLifecycleConfiguration, getBucketLocation, getBucketLocation, getBucketLoggingConfiguration, getBucketLoggingConfiguration, getBucketMetricsConfiguration, getBucketMetricsConfiguration, getBucketNotificationConfiguration, getBucketNotificationConfiguration, getBucketPolicy, getBucketPolicy, getBucketReplicationConfiguration, getBucketReplicationConfiguration, getBucketTaggingConfiguration, getBucketTaggingConfiguration, getBucketVersioningConfiguration, getBucketVersioningConfiguration, getBucketWebsiteConfiguration, getBucketWebsiteConfiguration, getCachedResponseMetadata, getObject, getObjectAcl, getObjectAcl, getObjectAcl, getObjectAsString, getObjectMetadata, getObjectMetadata, getObjectTagging, getRegion, getRegionName, getResourceUrl, getS3AccountOwner, getS3AccountOwner, getUrl, headBucket, isRequesterPaysEnabled, listBucketAnalyticsConfigurations, listBucketInventoryConfigurations, listBucketMetricsConfigurations, listBuckets, listBuckets, listMultipartUploads, listNextBatchOfObjects, listNextBatchOfObjects, listNextBatchOfVersions, listNextBatchOfVersions, listObjects, listObjects, listObjects, listObjectsV2, listObjectsV2, listObjectsV2, listParts, listVersions, listVersions, listVersions, putObject, putObject, putObject, restoreObject, restoreObject, setBucketAccelerateConfiguration, setBucketAccelerateConfiguration, setBucketAcl, setBucketAcl, setBucketAcl, setBucketAcl, setBucketAcl, setBucketAnalyticsConfiguration, setBucketAnalyticsConfiguration, setBucketCrossOriginConfiguration, setBucketCrossOriginConfiguration, setBucketEncryption, setBucketInventoryConfiguration, setBucketInventoryConfiguration, setBucketLifecycleConfiguration, setBucketLifecycleConfiguration, setBucketLoggingConfiguration, setBucketMetricsConfiguration, setBucketMetricsConfiguration, setBucketNotificationConfiguration, setBucketNotificationConfiguration, setBucketPolicy, setBucketPolicy, setBucketReplicationConfiguration, setBucketReplicationConfiguration, setBucketTaggingConfiguration, setBucketTaggingConfiguration, setBucketVersioningConfiguration, setBucketWebsiteConfiguration, setBucketWebsiteConfiguration, setEndpoint, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectRedirectLocation, setObjectTagging, setRegion, setS3ClientOptions, waitersaddRequestHandler, addRequestHandler, configureRegion, getEndpointPrefix, getRequestMetricsCollector, getServiceName, getSignerByURI, getSignerOverride, getSignerRegionOverride, getTimeOffset, makeImmutable, removeRequestHandler, removeRequestHandler, setEndpoint, setServiceNameIntern, setSignerRegionOverride, setTimeOffset, withEndpoint, withRegion, withRegion, withTimeOffsetequals, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitchangeObjectStorageClass, copyObject, copyObject, createBucket, createBucket, createBucket, createBucket, deleteBucket, deleteBucket, deleteBucketAnalyticsConfiguration, deleteBucketAnalyticsConfiguration, deleteBucketCrossOriginConfiguration, deleteBucketCrossOriginConfiguration, deleteBucketEncryption, deleteBucketEncryption, deleteBucketInventoryConfiguration, deleteBucketInventoryConfiguration, deleteBucketLifecycleConfiguration, deleteBucketLifecycleConfiguration, deleteBucketMetricsConfiguration, deleteBucketMetricsConfiguration, deleteBucketPolicy, deleteBucketPolicy, deleteBucketReplicationConfiguration, deleteBucketReplicationConfiguration, deleteBucketTaggingConfiguration, deleteBucketTaggingConfiguration, deleteBucketWebsiteConfiguration, deleteBucketWebsiteConfiguration, deleteObject, deleteObjects, deleteObjectTagging, deleteVersion, deleteVersion, disableRequesterPays, doesBucketExist, doesBucketExistV2, doesObjectExist, enableRequesterPays, generatePresignedUrl, generatePresignedUrl, generatePresignedUrl, getBucketAccelerateConfiguration, getBucketAccelerateConfiguration, getBucketAcl, getBucketAcl, getBucketAnalyticsConfiguration, getBucketAnalyticsConfiguration, getBucketCrossOriginConfiguration, getBucketCrossOriginConfiguration, getBucketEncryption, getBucketEncryption, getBucketInventoryConfiguration, getBucketInventoryConfiguration, getBucketLifecycleConfiguration, getBucketLifecycleConfiguration, getBucketLocation, getBucketLocation, getBucketLoggingConfiguration, getBucketLoggingConfiguration, getBucketMetricsConfiguration, getBucketMetricsConfiguration, getBucketNotificationConfiguration, getBucketNotificationConfiguration, getBucketPolicy, getBucketPolicy, getBucketReplicationConfiguration, getBucketReplicationConfiguration, getBucketTaggingConfiguration, getBucketTaggingConfiguration, getBucketVersioningConfiguration, getBucketVersioningConfiguration, getBucketWebsiteConfiguration, getBucketWebsiteConfiguration, getCachedResponseMetadata, getObject, getObjectAcl, getObjectAcl, getObjectAcl, getObjectAsString, getObjectMetadata, getObjectMetadata, getObjectTagging, getRegion, getRegionName, getS3AccountOwner, getS3AccountOwner, getUrl, headBucket, isRequesterPaysEnabled, listBucketAnalyticsConfigurations, listBucketInventoryConfigurations, listBucketMetricsConfigurations, listBuckets, listBuckets, listMultipartUploads, listNextBatchOfObjects, listNextBatchOfObjects, listNextBatchOfVersions, listNextBatchOfVersions, listObjects, listObjects, listObjects, listObjectsV2, listObjectsV2, listObjectsV2, listParts, listVersions, listVersions, listVersions, putObject, putObject, putObject, restoreObject, restoreObject, setBucketAccelerateConfiguration, setBucketAccelerateConfiguration, setBucketAcl, setBucketAcl, setBucketAcl, setBucketAnalyticsConfiguration, setBucketAnalyticsConfiguration, setBucketCrossOriginConfiguration, setBucketCrossOriginConfiguration, setBucketEncryption, setBucketInventoryConfiguration, setBucketInventoryConfiguration, setBucketLifecycleConfiguration, setBucketLifecycleConfiguration, setBucketLoggingConfiguration, setBucketMetricsConfiguration, setBucketMetricsConfiguration, setBucketNotificationConfiguration, setBucketNotificationConfiguration, setBucketPolicy, setBucketPolicy, setBucketReplicationConfiguration, setBucketReplicationConfiguration, setBucketTaggingConfiguration, setBucketTaggingConfiguration, setBucketVersioningConfiguration, setBucketWebsiteConfiguration, setBucketWebsiteConfiguration, setEndpoint, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectAcl, setObjectRedirectLocation, setObjectTagging, setRegion, setS3ClientOptions, waiterspublic static final String USER_AGENT
@Deprecated public AmazonS3EncryptionClient(EncryptionMaterials encryptionMaterials)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider)
 Constructs a new Amazon S3 Encryption client that will make anonymous
 requests to Amazon S3.  If AmazonS3Client.getObject(String, String) is called,
 the object contents will be decrypted with the encryption materials provided.
 
Only a subset of the Amazon S3 API will work with anonymous (i.e. unsigned) requests, but this can prove useful in some situations. For example:
Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.listObjects(String) to see what objects are stored in a bucket.Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.getObject(String, String) and
  AmazonS3Client.getObjectMetadata(String, String) to pull object content and
  metadata.Permission.Write permission for the
  GroupGrantee.AllUsers group, anonymous clients can upload objects
  to the bucket.encryptionMaterials - The encryption materials to be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(EncryptionMaterialsProvider encryptionMaterialsProvider)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider)
 Constructs a new Amazon S3 Encryption client that will make anonymous
 requests to Amazon S3.  If AmazonS3Client.getObject(String, String) is called,
 the object contents will be decrypted with the encryption materials provided.
 
Only a subset of the Amazon S3 API will work with anonymous (i.e. unsigned) requests, but this can prove useful in some situations. For example:
Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.listObjects(String) to see what objects are stored in a bucket.Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.getObject(String, String) and
  AmazonS3Client.getObjectMetadata(String, String) to pull object content and
  metadata.Permission.Write permission for the
  GroupGrantee.AllUsers group, anonymous clients can upload objects
  to the bucket.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(EncryptionMaterials encryptionMaterials, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration)
 Constructs a new Amazon S3 Encryption client that will make anonymous
 requests to Amazon S3.  If AmazonS3Client.getObject(String, String) is called,
 the object contents will be decrypted with the encryption materials provided.
 The encryption implementation of the provided crypto provider will be
 used to encrypt and decrypt data.
 
Only a subset of the Amazon S3 API will work with anonymous (i.e. unsigned) requests, but this can prove useful in some situations. For example:
Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.listObjects(String) to see what objects are stored in a bucket.Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.getObject(String, String) and
  AmazonS3Client.getObjectMetadata(String, String) to pull object content and
  metadata.Permission.Write permission for the
  GroupGrantee.AllUsers group, anonymous clients can upload objects
  to the bucket.encryptionMaterials - The encryption materials to be used to encrypt and decrypt data.cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(EncryptionMaterialsProvider encryptionMaterialsProvider, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration)
 Constructs a new Amazon S3 Encryption client that will make anonymous
 requests to Amazon S3.  If AmazonS3Client.getObject(String, String) is called,
 the object contents will be decrypted with the encryption materials provided.
 The encryption implementation of the provided crypto provider will be
 used to encrypt and decrypt data.
 
Only a subset of the Amazon S3 API will work with anonymous (i.e. unsigned) requests, but this can prove useful in some situations. For example:
Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.listObjects(String) to see what objects are stored in a bucket.Permission.Read permission for the
  GroupGrantee.AllUsers group, anonymous clients can call
  AmazonS3Client.getObject(String, String) and
  AmazonS3Client.getObjectMetadata(String, String) to pull object content and
  metadata.Permission.Write permission for the
  GroupGrantee.AllUsers group, anonymous clients can upload objects
  to the bucket.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterials encryptionMaterials)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided.
credentials - The AWS credentials to use when making requests to Amazon S3
            with this client.encryptionMaterials - The encryption materials to be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterialsProvider encryptionMaterialsProvider)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided.
credentials - The AWS credentials to use when making requests to Amazon S3
            with this client.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider encryptionMaterialsProvider)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided.
credentialsProvider - The AWS credentials provider which will provide credentials
            to authenticate requests with AWS services.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterials encryptionMaterials, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided. The encryption implementation of the provided crypto provider will be used to encrypt and decrypt data.
credentials - The AWS credentials to use when making requests to Amazon S3
            with this client.encryptionMaterials - The encryption materials to be used to encrypt and decrypt data.cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterialsProvider encryptionMaterialsProvider, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided. The encryption implementation of the provided crypto provider will be used to encrypt and decrypt data.
credentials - The AWS credentials to use when making requests to Amazon S3
            with this client.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider encryptionMaterialsProvider, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration)Constructs a new Amazon S3 Encryption client using the specified AWS credentials to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided. The encryption implementation of the provided crypto provider will be used to encrypt and decrypt data.
credentialsProvider - The AWS credentials provider which will provide credentials
            to authenticate requests with AWS services.encryptionMaterialsProvider - A provider for the encryption materials to be used to encrypt and decrypt data.cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterials encryptionMaterials, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration) and
                 AwsClientBuilder.withClientConfiguration(ClientConfiguration)Constructs a new Amazon S3 Encryption client using the specified AWS credentials and client configuration to access Amazon S3. Object contents will be encrypted and decrypted with the encryption materials provided. The crypto provider and storage mode denoted in the specified crypto configuration will be used to encrypt and decrypt data.
credentials - The AWS credentials to use when making requests to Amazon S3
            with this client.encryptionMaterials - The encryption materials to be used to encrypt and decrypt data.clientConfig - The client configuration options controlling how this client
            connects to Amazon S3 (ex: proxy settings, retry counts, etc).cryptoConfig - The crypto configuration whose parameters will be used to encrypt and decrypt data.IllegalArgumentException - If either of the encryption materials or crypto configuration parameters are null.@Deprecated public AmazonS3EncryptionClient(AWSCredentials credentials, EncryptionMaterialsProvider encryptionMaterialsProvider, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration) and
                 AwsClientBuilder.withClientConfiguration(ClientConfiguration)@Deprecated public AmazonS3EncryptionClient(AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration) and
                 AwsClientBuilder.withClientConfiguration(ClientConfiguration)@Deprecated public AmazonS3EncryptionClient(AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig, RequestMetricCollector requestMetricCollector)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration) and
                 AwsClientBuilder.withClientConfiguration(ClientConfiguration) and
                 AwsClientBuilder.withMetricsCollector(RequestMetricCollector)@Deprecated public AmazonS3EncryptionClient(AWSKMSClient kms, AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig, RequestMetricCollector requestMetricCollector)
AmazonS3EncryptionClientBuilder.withEncryptionMaterials(EncryptionMaterialsProvider) and
                 AwsClientBuilder.withCredentials(AWSCredentialsProvider) and
                 AmazonS3EncryptionClientBuilder.withCryptoConfiguration(CryptoConfiguration) and
                 AwsClientBuilder.withClientConfiguration(ClientConfiguration) and
                 AwsClientBuilder.withMetricsCollector(RequestMetricCollector) and
                 AmazonS3EncryptionClientBuilder.withKmsClient(AWSKMS)public static AmazonS3EncryptionClientBuilder encryptionBuilder()
public PutObjectResult putObject(PutObjectRequest req)
 Uploads a new object to the specified Amazon S3 bucket. The
 PutObjectRequest contains all the details of the request,
 including the bucket to upload to, the key the object will be uploaded
 under, and the file or input stream containing the data to upload.
 
Amazon S3 never stores partial objects; if during this call an exception wasn't thrown, the entire object was stored.
If you are uploading or accessing AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
Depending on whether a file or input stream is being uploaded, this method has slightly different behavior.
When uploading a file:
When uploading directly from an input stream:
 If versioning is enabled for the specified bucket, this operation will
 never overwrite an existing object with the same key, but will keep the
 existing object as an older version until that version is explicitly
 deleted (see AmazonS3.deleteVersion(String, String, String).
 
If versioning is not enabled, this operation will overwrite an existing object with the same key; Amazon S3 will store the last write request. Amazon S3 does not provide object locking. If Amazon S3 receives multiple write requests for the same object nearly simultaneously, all of the objects might be stored. However, a single object will be stored with the final write request.
When specifying a location constraint when creating a bucket, all objects added to the bucket are stored in the bucket's region. For example, if specifying a Europe (EU) region constraint for a bucket, all of that bucket's objects are stored in the EU region.
 The specified bucket must already exist and the caller must have
 Permission.Write permission to the bucket to upload an object.
 
 Use EncryptedPutObjectRequest to specify materialsDescription for the EncryptionMaterials to be used for 
 this request.AmazonS3EncryptionClient would use EncryptionMaterialsAccessor.getEncryptionMaterials(java.util.Map) to 
 retrieve encryption materials corresponding to the materialsDescription specified in the current request.
 
putObject in interface AmazonS3putObject in interface S3DirectSpiputObject in class AmazonS3Clientreq - The request object containing all the parameters to upload a
            new object to Amazon S3.PutObjectResult object containing the information
         returned by Amazon S3 for the newly created object.AmazonS3.putObject(String, String, File), 
AmazonS3.putObject(String, String, InputStream, ObjectMetadata), 
AWS API Documentationpublic S3Object getObject(GetObjectRequest req)
AmazonS3
 Gets the object stored in Amazon S3 under the specified bucket and
 key.
 Returns null if the specified constraints weren't met.
 
Be extremely careful when using this method; the returned Amazon S3 object contains a direct stream of data from the HTTP connection. The underlying HTTP connection cannot be reused until the user finishes reading the data and closes the stream. Also note that if not all data is read from the stream then the SDK will abort the underlying connection, this may have a negative impact on performance. Therefore:
GetObjectRequest.setRange(long, long) to request only the bytes you need)
 To get an object from Amazon S3, the caller must have Permission.Read
 access to the object.
 
If the object fetched is publicly readable, it can also read it by pasting its URL into a browser.
 When specifying constraints in the request object, the client needs to be
 prepared to handle this method returning null
 if the provided constraints aren't met when Amazon S3 receives the request.
 
 If the advanced options provided in GetObjectRequest aren't needed,
 use the simpler AmazonS3.getObject(String bucketName, String key) method.
 
If you are accessing AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
getObject in interface AmazonS3getObject in interface S3DirectSpigetObject in class AmazonS3Clientreq - The request object containing all the options on how to
            download the object.null if constraints were specified but not met.AmazonS3.getObject(String, String), 
AmazonS3.getObject(GetObjectRequest, File), 
AWS API Documentationpublic ObjectMetadata getObject(GetObjectRequest req, File dest)
AmazonS3
 Gets the object metadata for the object stored
 in Amazon S3 under the specified bucket and key,
 and saves the object contents to the
 specified file.
 Returns null if the specified constraints weren't met.
 
 Instead of
 using AmazonS3.getObject(GetObjectRequest),
 use this method to ensure that the underlying
 HTTP stream resources are automatically closed as soon as possible.
 The Amazon S3 clients handles immediate storage of the object
 contents to the specified file.
 
 To get an object from Amazon S3, the caller must have Permission.Read
 access to the object.
 
If the object fetched is publicly readable, it can also read it by pasting its URL into a browser.
 When specifying constraints in the request object, the client needs to be
 prepared to handle this method returning null
 if the provided constraints aren't met when Amazon S3 receives the request.
 
If you are accessing AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
getObject in interface AmazonS3getObject in interface S3DirectSpigetObject in class AmazonS3Clientreq - The request object containing all the options on how to
            download the Amazon S3 object content.dest - Indicates the file (which might already exist) where
            to save the object content being downloading from Amazon S3.null if constraints were specified but not met.AmazonS3.getObject(String, String), 
AmazonS3.getObject(GetObjectRequest), 
AWS API Documentationpublic void deleteObject(DeleteObjectRequest req)
AmazonS3Deletes the specified object in the specified bucket. Once deleted, the object can only be restored if versioning was enabled when the object was deleted.
If attempting to delete an object that does not exist, Amazon S3 will return a success message instead of an error message.
deleteObject in interface AmazonS3deleteObject in class AmazonS3Clientreq - The request object containing all options for deleting an Amazon S3
            object.AmazonS3Client.deleteObject(String, String), 
AWS API Documentationpublic CompleteMultipartUploadResult completeMultipartUpload(CompleteMultipartUploadRequest req)
AmazonS3
 You first upload all parts using the
 AmazonS3.uploadPart(UploadPartRequest) method. After successfully
 uploading all individual parts of an upload, you call this operation to
 complete the upload. Upon receiving this request, Amazon S3 concatenates
 all the parts in ascending order by part number to create a new object.
 In the CompleteMultipartUpload request, you must provide the parts list.
 For each part in the list, you provide the part number and the ETag
 header value, returned after that part was uploaded.
 
Processing of a CompleteMultipartUpload request may take several minutes to complete.
If you are perfoming a complete multipart upload for AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
completeMultipartUpload in interface AmazonS3completeMultipartUpload in interface S3DirectSpicompleteMultipartUpload in class AmazonS3Clientreq - The CompleteMultipartUploadRequest object that specifies all
            the parameters of this operation.public InitiateMultipartUploadResult initiateMultipartUpload(InitiateMultipartUploadRequest req)
AmazonS3.uploadPart(UploadPartRequest) requests. You also include this
 upload ID in the final request to either complete, or abort the multipart
 upload request.
 Note: After you initiate a multipart upload and upload one or more parts, you must either complete or abort the multipart upload in order to stop getting charged for storage of the uploaded parts. Once you complete or abort the multipart upload Amazon S3 will release the stored parts and stop charging you for their storage.
If you are initiating a multipart upload for AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
 Use EncryptedInitiateMultipartUploadRequest to specify materialsDescription for the EncryptionMaterials to be used for this request.
 AmazonS3EncryptionClient would use EncryptionMaterialsAccessor.getEncryptionMaterials(java.util.Map) to retrieve encryption materials
 corresponding to the materialsDescription specified in the current request.
 
initiateMultipartUpload in interface AmazonS3initiateMultipartUpload in interface S3DirectSpiinitiateMultipartUpload in class AmazonS3Clientreq - The InitiateMultipartUploadRequest object that specifies all
            the parameters of this operation.public UploadPartResult uploadPart(UploadPartRequest uploadPartRequest) throws SdkClientException, AmazonServiceException
Your UploadPart request must include an upload ID and a part number. The upload ID is the ID returned by Amazon S3 in response to your Initiate Multipart Upload request. Part number can be any number between 1 and 10,000, inclusive. A part number uniquely identifies a part and also defines its position within the object being uploaded. If you upload a new part using the same part number that was specified in uploading a previous part, the previously uploaded part is overwritten.
To ensure data is not corrupted traversing the network, specify the Content-MD5 header in the Upload Part request. Amazon S3 checks the part data against the provided MD5 value. If they do not match, Amazon S3 returns an error.
When you upload a part, the returned UploadPartResult contains an ETag property. You should record this ETag property value and the part number. After uploading all parts, you must send a CompleteMultipartUpload request. At that time Amazon S3 constructs a complete object by concatenating all the parts you uploaded, in ascending order based on the part numbers. The CompleteMultipartUpload request requires you to send all the part numbers and the corresponding ETag values.
Note: After you initiate a multipart upload and upload one or more parts, you must either complete or abort the multipart upload in order to stop getting charged for storage of the uploaded parts. Once you complete or abort the multipart upload Amazon S3 will release the stored parts and stop charging you for their storage.
If you are performing upload part for AWS KMS-encrypted objects, you need to specify the correct region of the bucket on your client and configure AWS Signature Version 4 for added security. For more information on how to do this, see http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html# specify-signature-version
 When supplying an InputStream using UploadPartRequest.withInputStream(InputStream) or UploadPartRequest.setInputStream(InputStream), the stream will only be
 closed by the client if UploadPartRequest.isLastPart() is true. If this is not the last part, the stream will be left open.
 
NOTE: Because the encryption process requires context from block N-1 in order to encrypt block N, parts uploaded with the AmazonS3EncryptionClient (as opposed to the normal AmazonS3Client) must be uploaded serially, and in order. Otherwise, the previous encryption context isn't available to use when encrypting the current part.
uploadPart in interface AmazonS3uploadPart in interface S3DirectSpiuploadPart in class AmazonS3ClientuploadPartRequest - The UploadPartRequest object that specifies all the parameters
            of this operation.SdkClientException - If any errors are encountered in the client while making the
             request or handling the response.AmazonServiceException - If any errors occurred in Amazon S3 while processing the
             request.public CopyPartResult copyPart(CopyPartRequest copyPartRequest)
AmazonS3Client
 If constraints are specified in the CopyPartRequest
 (e.g.
 CopyPartRequest.setMatchingETagConstraints(List))
 and are not satisfied when Amazon S3 receives the
 request, this method returns null.
 This method returns a non-null result under all other
 circumstances.
 
copyPart in interface AmazonS3copyPart in interface S3DirectSpicopyPart in class AmazonS3ClientcopyPartRequest - The request object containing all the options for copying an
            Amazon S3 object.CopyPartResult object containing the information
         returned by Amazon S3 about the newly created object, or null if
         constraints were specified that weren't met when Amazon S3 attempted
         to copy the object.AmazonS3.copyObject(CopyObjectRequest), 
AmazonS3.initiateMultipartUpload(InitiateMultipartUploadRequest)public void abortMultipartUpload(AbortMultipartUploadRequest req)
AmazonS3abortMultipartUpload in interface AmazonS3abortMultipartUpload in interface S3DirectSpiabortMultipartUpload in class AmazonS3Clientreq - The AbortMultipartUploadRequest object that specifies all the
            parameters of this operation.public PutObjectResult putInstructionFile(PutInstructionFileRequest req)
User of this method is responsible for explicitly deleting/updating the instruction file so created should the corresponding S3 object is deleted/created.
public void shutdown()
If the a default internal KMS client has been constructed, it will also be shut down by calling this method. Otherwise, users who provided the KMS client would be responsible to shut down the KMS client extrinsic to this method.
shutdown in interface AmazonS3shutdown in class AmazonWebServiceClientpublic CompleteMultipartUploadResult uploadObject(UploadObjectRequest req) throws IOException, InterruptedException, ExecutionException
There are many ways you can customize the behavior of this method, including
MultiFileOutputStream for
 custom pipeline behaviorUploadObjectObserver for custom
 multi-part upload behaviorA request is handled with the following life cycle, calling the necessary Service Provider Interface:
UploadObjectObserverUploadObjectObserver is constructed (or retrieved from the
 request) for execution of concurrent uploads to S3UploadObjectObserverUploadObjectObserver.onUploadInitiation(UploadObjectRequest)MultiFileOutputStream is constructed (or retrieved from the
 request) which serves as the pipeline for incremental (but serial)
 encryption to disk with concurrent multipart uploads to S3 whenever the
 parts on the disk are readyMultiFileOutputStreamUploadObjectObserver.onPartCreate(PartCreationEvent)UploadObjectObserver.onCompletion(List).IOException - if the encryption to disk failedInterruptedException - if the current thread was interrupted while waitingExecutionException - if the concurrent uploads threw an exceptionCopyright © 2013 Amazon Web Services, Inc. All Rights Reserved.