How do I put object to amazon s3 using presigned url?

萝らか妹 提交于 2019-12-03 02:30:13
Volkan Paksoy

I managed to succesfully upload a file by using your code.

Here are the steps I followed:

  1. Created a new bucket and a new IAM user

  2. Set IAM user's policy as below:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "Stmt1418647210000",
                "Effect": "Allow",
                "Action": [
                    "s3:Put*"
                ],
                "Resource": [
                    "arn:aws:s3:::myBucket/*"
                ]
            }
        ]
    }
    
  3. Did NOT create a bucket policy

  4. Used your code to generate the pre-signed URL:

    var aws = require('aws-sdk');
    aws.config = {
        accessKeyId: myAccessKeyId,
        secretAccessKey: mySecretAccessKey
    };
    
    var s3 = new aws.s3();
    s3.getSignedUrl('putObject', {
        Bucket: 'myBucket',
        Expires: 60*60,
        Key: 'myKey'
    }, function (err, url) {
        console.log(url);
    });
    
  5. Copied the URL on the screen and used curl to test the upload as below:

    curl.exe -k -X PUT -T "someFile" "https://myBucket.s3.amazonaws.com/myKey?AWSAccessKeyId=ACCESS_KEY_ID&Expires=1457632663&Signature=Dhgp40j84yfjBS5v5qSNE4Q6l6U%3D"
    

In my case it generally took 5-10 seconds for the policy changes to take effect so if it fails the first time make sure to keep sending it for a while.

Hope this helps.

  1. In your IAM console, click Users
  2. On the right list, choose the IAM user you used(should be 'myuser')
  3. Choose Permissions on the sub tabs
  4. Click Attach Policy and choose AmazonS3FullAccess

The final page will be like this.

You may also check Security Credentials sub tab, your accessKeyId should be on the list. The secretAccessKey just can not get again.

You've correctly set up the permissions on the bucket, to allow access from the user.

But you also need to edit the policy of the user, to allow the user to access the S3 service.

Edit the IAM policy of the user whose credentials you're using to generate the self-signed URL. Something like this will definitely cover everything:

{
  "Statement": [
    {
      "Sid": "AllowAllS3Access",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

It may help you too :) Add a ContentType property :

s3.getSignedUrl('putObject', {
    Bucket: 'myBucket',
    Expires: 60*60,
    Key: 'myKey',
    ContentType: 'image/jpeg',
}, function (err, url) {
   console.log(url);
});
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!