NiFi currently only supports SSE-S3 encryption (AES256).
Support needs to be added for:
- CSE-KMS CMK
- CSE-Master Key
With all of the appropriate configuration options and such that SSE is available only for PutS3Object whilst CSE is available also for FetchS3Object.
Given that this will add another 20 or so UI properties the intention is to split it into a Client Side Encryption Service and Server Side Encryption Service. This will allow users to reuse "encryption" across different workflows.
Existing flows using the Server Side Encryption option will still work as is but will be overridden if a service is added.