Currently, I am unable to properly stream from a bucket which utilizes client-side encryption (specifically with a client-provided key in my use case). I've forked and started working through this, but it appears there are also some conflicts with S3's v4 headers.

While I don't mind sorting through this and making a PR, I'd like to open discussion on how to implement this feature as I am not a Ruby developer and am new to contributing to logstash.

As it stands, I've added the following keys to the input configuration:

sse_encryption_algorithm - defaults to AES256, the only supported value currently
sse_encryption_key - the client-provided key

I'm thinking providing the key path may be the best solution, but a direct key made for easier debugging.

Thoughts on this enhancement?