Hi there -
I’m still evaluating Mattermost and have a couple of question S3 related. I would like to have more clarification about the following points:
- S3 Encryption
I’ve noticed that object stored into S3 does not have AES encryption flag enabled.
AmazonS3SSL is set to
True , but it only means the connection is done through HTTPS, not that the object is actually encrypted at a server side level. Is there any configuration file I’m missing or this feature is just not supported as of today ?
- S3 VPC endpoint
It looks like Mattermost does not work if you specify a VPC endpoint (http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html) for S3. According to https://github.com/mattermost/platform/blob/f02620b291b988848392c455a7719699f6b5c00f/vendor/github.com/minio/minio-go/s3-endpoints.go , only public endpoints are supported Am I missing something? A private S3 endpoint looks like com.amazonaws.us-west-2.s3.
- Support IAM Role
Is this possible to use IAM Role with S3 permissions instead of passing AWS Access/secret key on config.json?