Access Denied upload to s3
I tried uploading to s3 and when I see the logs from the s3 bucket logs this is what it says:
mybucket-me [17/Oct/2013:08:18:57 +0000] 120.28.112.39
arn:aws:sts::778671367984:federated-user/[email protected] BB3AA9C408C0D26F
REST.POST.BUCKET avatars/dean%2540player.com/4.png "POST / HTTP/1.1" 403
AccessDenied 231 - 132 - "http://localhost:8080/ajaxupload/test.html" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17" -
I got an access denied. From where it's pointing I think the only thing that I'm missing out is adding of bucket policy. So here goes.
Using my email I could log in to my app and upload an avatar. The bucket name where I want to put my avatar is mybucket-me and in that it has a sub bucket named avatars.
-mybucket-me
-avatars
[email protected] //dynamic based on who are logged in
-myavatar.png //image uploaded
How do I add a bucket policy so I could grant a federated such as I to upload in s3 or what is the correct statement that I will add on my bucket policy so it could grant me a permission to upload into our bucket?
Answer
2019+
You now either have to:
- Set Block new public ACLs and uploading public objects to false if your items are public (top left policie in the picture)
- Set
acl: 'private'when uploading your image if your items are private
Example in Node.js:
const upload = multer({
storage: multerS3({
s3: s3,
bucket: 'moodboard-img',
acl: 'private',
metadata: function (req, file, cb) {
cb(null, {fieldName: file.fieldname});
},
key: function (req, file, cb) {
cb(null, Date.now().toString())
}
})
})