Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Upload to amazon S3 pre-signed url

See original GitHub issue

I need to upload file to Amazon S3 via pre-signed url. I’ve checked via curl and was able to upload files successfully.

Unfortunately upload via Upload.upload method fails each time with 403 Forbidden. Do you have an example uploading to pre-signed S3 URL?

Details: Here is how I get pre-signed url

// Load the AWS SDK for Node.js
var AWS = require('aws-sdk');
/**
 * Export the following environment variables:
 *
 * export AWS_ACCESS_KEY_ID='AKID'
 * export AWS_SECRET_ACCESS_KEY='SECRET'
 */

// Set your region for future requests.
AWS.config.region = 'us-west-2';

var s3 = new AWS.S3();
var params = {Bucket: 'your-bucket-name', Key: 'file2', Expires: 3600};
var url = s3.getSignedUrl('putObject', params);
console.log(url);

Resulted pre-signed url looks like this: https://your-bucket-name.s3-us-west-2.amazonaws.com/file2?AWSAccessKeyId=AKID&Expires=1431709638&Signature=TWgv9o7esxqhDlBxJuhYNZhCmlM%3D

Bucket config looks like this

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <AllowedHeader>*</AllowedHeader>
    </CORSRule>
</CORSConfiguration>

Issue Analytics

State:
Created 8 years ago
Comments:12 (1 by maintainers)

Top GitHub Comments

8reactions

kvetiscommented, Oct 19, 2015

hi, sorry for the late comment, but it should be mentioned in this topic: The problem with amazon signed URL is that it expects raw data, so if you use Upload.upload method data is sent using multipart/form data. Even if you set the content-type right, the whole data is sent there. Use raw data upload - Upload.http so the data does not get corrupted. You can also add the Content-Type to headers.

var config = {
    url: amazon_signed_url,
    headers: {
        "Content-Type": file.type != '' ? file.type : 'application/octet-stream'
    },
    method: 'PUT',
    data: file
};
Upload.http(config);

3reactions

tonycurwencommented, Nov 3, 2016

@kvetis very useful.

I also came unstuck with 403 errors from S3 and eventually found that I had the wrong minimum bucket policy configured. I was missing the PutObjectAcl permission. So for other folks that find this thread you need the following as a minimum:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::YOUR_BUCKET_ID_HERE/*"
            ]
        }
    ]
}