S3 multipart upload to presigned URL returns HTTP 500 on OPTIONS request

Question

We have set up a S3 bucket with CORS rules to upload data to. The upload is done using a presigned URL and a multipart upload. We have several deployments that have this setup working. On the latest setup that we deployed today the S3 bucket is returning a HTTP code 500 (in the OPTIONS request) and a CORS error `No 'Access-Control-Allow-Origin' header is present on the requested resource` when attempting a PUT request using the needed payload and headers.

While investigating the error with curl we found that the bucket returns a redirect from https://bucketname.s3.amazonaws.com/ to https://bucketname.s3.eu-central-1.amazonaws.com/. When we send a request to the URL that includes the region with the needed payload and headers, we now receive Access-Control-Allow-Origin headers but a HTTP code 403 with a response that the signatures do not match.

When the CORS configuration is removed from the bucket, we receive HTTP code 403 and a CORS error.

We have also tried server different options in the CORS configuration, all of which resulted in a HTTP code 500.

Rebuilding the bucket also did not change the above-described problems.

Accepted Answer

If the bucket is new, this redirection response is expected while DNS propagation takes place. See https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingRouting.html for further details.

The redirection will stop once DNS has propagated fully, and S3 should start responding to the non-region-specific DNS name for your bucket.

However, it may be more reliable to specify the region when creating the presigned URLs, just in case S3 returns a redirect at some point in the future.

S3 multipart upload to presigned URL returns HTTP 500 on OPTIONS request

Relevant content