By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

304 for upload when all settings are public

0

hello,
this is my first time with aws.

i am trying to upload image from website to S3.
all my settings are public as fare as i understand, yet i get
Response {type: "cors", url: "https://s-cart-x.s3.eu-central-1.amazonaws.com/", redirected: false, status: 403, ok: false, …

the settings:

Permissions overview
Access
Public

Block all public access
Off
Block public access to buckets and objects granted through new access control lists (ACLs)
Off
Block public access to buckets and objects granted through any access control lists (ACLs)
Off
Block public access to buckets and objects granted through new public bucket or access point policies
Off
Block public and cross-account access to buckets and objects through any public bucket or access point policies
Off

Bucket policy
{
"Version": "2012-10-17",
"Id": "Policy1627561847500",
"Statement": [
{
"Sid": "Stmt1627561827637",
"Effect": "Allow",
"Principal": "",
"Action": "s3:GetObject",
"Resource": [
"arn:aws:s3:::s-cart-x/",
"arn:aws:s3:::s-cart-x"
]
}
]
}

Object ownership
Object writer
The object writer remains the object owner.

Cross-origin resource sharing (CORS)
[
{
"AllowedHeaders": [
""
],
"AllowedMethods": [
"PUT",
"POST",
"GET",
"DELETE"
],
"AllowedOrigins": [
"http://localhost:3000"
],
"ExposeHeaders": []
},
{
"AllowedHeaders": [
""
],
"AllowedMethods": [
"PUT",
"POST",
"GET",
"DELETE"
],
"AllowedOrigins": [
"https://s-cart-x.herokuapp.com"
],
"ExposeHeaders": []
}
]

help.

Topics
Storage
Tags
Amazon Simple Storage Service
Language
English
xoxoxoxo
asked 3 years ago257 views
2 Answers
0

this is what solve the trick... partially
(i cant believe amazon dont have a wizard to this.. but: )

i have changes the policy
{
"Version": "2012-10-17",
"Id": "Policy1627561847500",
"Statement": [
{
"Sid": "Stmt1627561827637",
"Effect": "Allow",
"Principal": "",
"Action": [
"s3:GetObject",
"s3:GetObjectAcl",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::s-cart-x/",
"arn:aws:s3:::s-cart-x"
],
"Condition": {
"StringLike": {
"aws:Referer": [
"https://shopping-cart-x.herokuapp.com/",
"http://localhost:3000/seller/NewProductScreen"
]
}
}
}
]
}

the issue now - is that the cors AllowedOrigins have to be AllowedOrigins:"*" ...
it fails with localhost:3000... or localhost:3000/myPath

xoxoxoxo
answered 3 years ago
0

so this is the cors setting that fix the localhost for me

[
{
"AllowedHeaders": [
""
],
"AllowedMethods": [
"PUT",
"POST",
"GET",
"DELETE"
],
"AllowedOrigins": [
"http://localhost:3000"
],
"ExposeHeaders": [
"x-amz-server-side-encryption",
"x-amz-request-id",
"x-amz-id-2",
"Connection",
"ETag"
]
},
{
"AllowedHeaders": [
""
],
"AllowedMethods": [
"PUT",
"POST",
"GET",
"DELETE"
],
"AllowedOrigins": [
"https://s-cart-x.herokuapp.com/"
],
"ExposeHeaders": [
"x-amz-server-side-encryption",
"x-amz-request-id",
"x-amz-id-2",
"Connection",
"ETag"
]
}
]

so by now finly s3 is working....
it was a nightmer -

xoxoxoxo
answered 3 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content