Prevent read encrypted data from S3 API

rhodey · February 7, 2025, 3:36am

I login to Storj
I create a bucket
I create S3 credentials
allow write to bucket
use access + secret key to PutObject

My question is after step 5 is it possible for the root account to ever get the encrypted contents of the object I put into the bucket without using the access + secret key?

I understand and it is obvious that you should not be able to get the decrypted contents of the object without the keys but I want to know is the object protected from even fetch the encrypted contents without the access + secret keys?

arrogantrabbit · February 7, 2025, 4:20am

No, to see the object the correct encryption key is needed. In fact, the opposite is also true — a single bucket can contain objects encrypted with different keys; only those that decrypt with each key will be visible.

rhodey · February 8, 2025, 1:35am

Thanks!

Marking your reply as solution / answer