Hello All,

We are currently on SAP Commerce Cloud v2205 and using s3MediaStorageStrategy to store/retrieve media in AWS S3.Recently, we have enabled 'Server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS)' for the buckets and after that, we are not able to access the objects in S3. We were able to push the objects to the bucket as we can see through the AWS console, but we are not able to access it. For example, while running any banner component related impexes along with the images, the images are stored in s3 after successful import of impex, but when we are trying to access that banner through application we are facing issue.

Earlier, we just used to configure the below properties. As the extension 'amazoncloud' takes care of everything, just we are overriding the properties.

media.globalSettings.s3MediaStorageStrategy.bucketId=

media.globalSettings.s3MediaStorageStrategy.accessKeyId=

media.globalSettings.s3MediaStorageStrategy.secretAccessKey=

media.globalSettings.s3MediaStorageStrategy.endpoint=s3.amazonaws.com

media.globalSettings.s3MediaStorageStrategy.url.signed=true

media.default.url.signed.validFor=5

media.default.storage.strategy=s3MediaStorageStrategy

media.default.url.strategy=s3MediaURLStrategy

Has anyone done this kind of implementation for 'Encryption with AWS-KMS'? I see a jar 'aws-java-sdk-kms-1.12.292.jar' in the suite itself, but not sure if we can leverage that or not(We have created the KMS key as well). Could anyone help me how can I handle this?

Note: We are successfully able to access the media which we have already imported before the encryption, but if we want to create a new media we are facing this issue.

Thanks