Deliverables

Screenshot of terminal output of successful CLI upload of file using your client key

Screenshot of terminal output of successful CLI download of file using your client key

Steps

Download the OpenSSL For Windows Binaries Zip File: [openssl-0.9.8h-1-bin.zip](https://champlain.instructure.com/courses/2216686/files/297066991?wrap=1)[Download openssl-0.9.8h-1-bin.zip](https://champlain.instructure.com/courses/2216686/files/297066991/download?download_frd=1)

Open and extract the zip file and pay attention to where it is located
Open a cmd or a powershell window and cd to openssl-0.9.8h-1-bin\bin
Run .\openssl version - to verify that openssl is working

key=8546DD4678D8C591AFAA50AF86C7E52C

Create a key that you can use to encrypt your files

General syntax for using aws cli to cp to/from s3 is:

aws s3 cp source destination

• Source/destination are similar to scp
• For example, to copy a file (/opt/docs/lab.txt) from local system to an s3 bucket and folder called ChampSYS360/Lab4-2

aws s3 cp /opt/docs/lab.txt s3://ChampSYS360/Lab4-2

• To do the opposite, download from S3 to the local file system (say the current working directory - aka "."

aws s3 cp s3://ChampSYS360/Lab4-2

Before you upload a file, you need to provide your client key to encrypt it!

To do that, you need to add 2 switches to your aws s3 cp command:

• "--sse-c" which says you want to use client key encryption
• "--sse-c-key key_value_you_created_with_openssl" (the "salt" and "iv" are not needed)

Upload test1

aws s3 cp 4-2_test1.txt s3://nicolas-s3/4-2_test1 --sse-c --sse-c-key 8546DD4678D8C591AFAA50AF86C7E52C

Download a file from a prior lab

aws s3 cp s3://nicolas-s3/test.txt .

Try and download the file you just added with no switches

Try and download the file you just added WITH switches