Question

SANATHAZRA Member since 2012 7 posts
Cognizant Worldwide Limited
Posted: June 14, 2020
Last activity: June 14, 2020

Object encryption in Amazon S3 bucket with AES-256

Hi,

We have a requirement to exchange files through an AWS S3 bucket, which means Pega will read/write from/to an S3 bucket available in the VPC. We have configured a repository of type Amazon S3 in our application and have also created an authentication profile using AccessKeyID & SecretAccessKey. With this configuration, we are able to connect to the S3 bucket and read/write files successfully. Just FYI, we are using the OOTB data pages (D_pxNewFile, D_pxGetFile) available in the Embed-Repository-File class for reading/writing files.

However, the need is to use 256-bit Advanced Encryption Standard (AES-256) to encrypt the objects being transferred to S3. We have updated the bucket policy in AWS, but are not sure what additional changes need to be done in Pega to make this encryption work. Please let us know if anyone has done this.

I found the below article in the collaboration centre, but it is applicable when we want to use AWS KMS. Our requirement is different.

https://community.pega.com/knowledgebase/articles/security/configuring-amazon-web-services-key-management-service-keystore

 

Pega Platform 8.1.7 Security Insurance Lead System Architect