Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Getting `InvalidPolicyDocument, Invalid Policy: Invalid JSON` from poresigned POST url.

0

I am getting the following error whenever I attempt to post something to an S3 bucket using a POST presigned URL;

<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>InvalidPolicyDocument</Code>
    <Message>Invalid Policy: Invalid JSON.</Message>
    <RequestId>568TTY4KHP1SR41W</RequestId>
    <HostId>Fk5dAEIEM2Awp2+JPpuD60karubosk5crAcYCejtSZkLsyqPdFEmh4GVSEv3+tIeYSc78/OY6JY=</HostId>
</Error>

Below is the policy in base64 that figures in the Policy field of the POST request's form data:

eyJleHBpcmF0aW9uIjoiMjAyMy0xMi0xM1QwMDoyNTo1OS45MDJaIiwiY29uZGl0aW9ucyI6W1siY29udGVudC1sZW5ndGgtcmFuZ2UiLDAsNTEyLjBdLFsiZXEiLCIkS2V5IiwiZTJiMWJmZmItOTA5Yi00ZTIyLTg2NjItNzU5NmNlN2M0ZTE3LzkxNzQ2M2YyLWQ5MGYtNGJlNy04MzIyLWVlMjVjNDNhMTg2MCJdLFsiZXEiLCIkQ29udGVudC1UeXBlIiwiYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtIl0sWyJlcSIsIiRYLUFtei1NZXRhLUF1dGhvciIsImUyYjFiZmZiLTkwOWItNGUyMi04NjYyLTc1OTZjZTdjNGUxNyJdLFsiZXEiLCIkWC1BbXotTWV0YS1BdXRob3ItVGllciIsInRpZXI6MCJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtRXhwaXJhdGlvbiIsIjIwMjMtMTItMTlUMDE6MjU6NTkuOTAzNTY1MyswMTowMCJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtTmFtZSIsIiJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtVHlwZSIsIiJdLHsiQnVja2V0IjoiYnVja2V0LWYzOTZkOGUyIn0seyJ4LWFtei1kYXRlIjoiMjAyMzEyMTJUMDAyNjAwWiJ9LHsieC1hbXotYWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsieC1hbXotY3JlZGVudGlhbCI6IkFLSUFYM1c2QldDRVE2WFZSNkZHLzIwMjMxMjEyL2V1LXdlc3QtMi9zMy9hd3M0X3JlcXVlc3QifSxbImVxIiwiJFRhZ2dpbmciLCI8P3htbCB2ZXJzaW9uPVwiMS4wXCIgZW5jb2Rpbmc9XCJVVEYtOFwiPz48VGFnZ2luZyB4bWxucz1cImh0dHA6Ly9zMy5hbWF6b25hd3MuY29tL2RvYy8yMDA2LTAzLTAxL1wiPjxUYWdTZXQ+PFRhZz48S2V5PlRpZXI8L0tleT48VmFsdWU+dGllcjowPC9WYWx1ZT48L1RhZz48VGFnPjxLZXk+VHlwZTwvS2V5PjxWYWx1ZT5FcGhlbWVyYWw8L1ZhbHVlPjwvVGFnPjwvVGFnU2V0PjwvVGFnZ2luZz4iXV19

Which decodes to:

{
  "expiration": "2023-12-13T00:25:59.902Z",
  "conditions": [
    ["content-length-range", 0, 512.0],
    [
      "eq",
      "$Key",
      "e2b1bffb-909b-4e22-8662-7596ce7c4e17/917463f2-d90f-4be7-8322-ee25c43a1860"
    ],
    ["eq", "$Content-Type", "application/octet-stream"],
    ["eq", "$X-Amz-Meta-Author", "e2b1bffb-909b-4e22-8662-7596ce7c4e17"],
    ["eq", "$X-Amz-Meta-Author-Tier", "tier:0"],
    [
      "starts-with",
      "$X-Amz-Meta-Record-Expiration",
      "2023-12-19T01:25:59.9035653+01:00"
    ],
    ["starts-with", "$X-Amz-Meta-Record-Name", ""],
    ["starts-with", "$X-Amz-Meta-Record-Type", ""],
    { "Bucket": "bucket-f396d8e2" },
    { "x-amz-date": "20231212T002600Z" },
    { "x-amz-algorithm": "AWS4-HMAC-SHA256" },
    {
      "x-amz-credential": "AKIAX3W6BWCEQ6XVR6FG/20231212/eu-west-2/s3/aws4_request"
    },
    [
      "eq",
      "$Tagging",
      "<?xml version=\"1.0\" encoding=\"UTF-8\"?><Tagging xmlns=\"http://s3.amazonaws.com/doc/2006-03-01/\"><TagSet><Tag><Key>Tier</Key><Value>tier:0</Value></Tag><Tag><Key>Type</Key><Value>Ephemeral</Value></Tag></TagSet></Tagging>"
    ]
  ]
}

I did spend time looking at other answers but couldn't find anything useful for my case.

Themen
Speicher
Tags
Amazon S3-Glaciervorsignierte URL
Sprache
English
Chandler
gefragt vor 5 Monaten198 Aufrufe
1 Antwort
0

I managed to solve the issue. Float values for content-length-range seem to not be allowed. No explicit errors are thrown nor is this mentioned in the documentation.

Chandler
beantwortet vor 5 Monaten

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt