A Financial firm is using an Amazon S3 bucket to store its critical business files. Users upload these files from on-premises locations to individual folders in the Amazon S3 bucket. Security Head requested you to ensure all files uploaded to the Amazon S3 bucket are not corrupted during transit.
What can be done to ensure this request is met?

Answer options:

A.While uploading files with PutObject API, pass the Content-MD5 value as a request header.
B.While uploading files with PutObject API, pass the x-amz-content-sha256 value as a request header.
C.While uploading files with PutObject API, pass the Content-Type value as a request header.
D.While uploading files with PutObject API, pass the x-amz-security-token value as a request header.

Correct Answer: A
Content-MD5 header is an optional header in the Amazon S3 REST requests, which can be used to check the integrity of the data and ensure data is not corrupt during transit. When data is uploaded using PutObject having Content-MD5 as a request header, Amazon S3 checks the data against the Content-MD5 value. If the value is not matched, an error is generated.
Option B is incorrect as the header x-amz-content-sha256 provides a hash of the payload used for authentication in the case of the signature version4. This header is not used for checking integrity of the data.
Option C is incorrect as Content-type consists of the content type of the resources and is not used for checking integrity of the data.
Option D is incorrect as the header x-amz-security-token is used for requests which use Amazon DevPay and temporary security credentials. This header is not used for checking integrity of the data.
For more information on integrity check with Amazon S3, refer to the following URLs,
https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html
https://aws.amazon.com/premiumsupport/knowledge-center/data-integrity-s3/