问题
I would like to think that it's a big YES, but I prefer to ask before to suppose. So, do you know if the AWS SDK for Java always uses a secure channel when I download/upload files from/to S3 buckets? Or this is something that should be configured when I write the code or into the S3 buckets itself?
回答1:
Amazon S3 end points support both HTTP and HTTPS (http://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region)
when you're using the Java SDK you will create an AmazonS3Client and if you do not specify to he specifically using the HTTP protocol it will use by default HTTPS (see http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/services/s3/AmazonS3Client.html#setEndpoint(java.lang.String))
Callers can pass in just the endpoint (ex: "ec2.amazonaws.com") or a full URL, including the protocol (ex: "https://ec2.amazonaws.com"). If the protocol is not specified here, the default protocol from this client's ClientConfiguration will be used, which by default is HTTPS.
回答2:
Answer with link to a newer Java SDK docs:
setProtocol - The default configuration is to use HTTPS for all requests for increased security.
来源:https://stackoverflow.com/questions/36773123/does-aws-sdk-for-java-communicate-in-a-secure-channel-with-s3-servers