S3 Server Side Encrpytion

I have the requirement to encrypt Gitlab backup data at rest. Has anyone found a way using Omnibus Gitlab to configure the gitlab:backup to upload the backup archive to an AWS S3 bucket requesting server side encryption as described here: Protecting Data Using Server-Side Encryption with Amazon S3-Managed Encryption Keys?

I’ve configured the upload successfully without server side encryption by following the Upload backups to remote (cloud) storage instructions in the Gitlab documentation. However, I have been unable to find the proper way to request server side encryption by sending the “x-amz-server-side-encryption” header as described in the above Amazon article.

I would prefer to do this the ‘Gitlab way’ rather than to install and run AWS Sync (or a similar tool) as described in AWS Sync to accomplish the upload after the backup is written to the local server’s backup directory.

Thanks Paul Beattie!! I haven’t used this because we came up with a workaround, but this is a great feature.
v 8.0.2

  • Allow AWS S3 Server-Side Encryption with Amazon S3-Managed Keys for backups (Paul Beattie)