By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Getting `InvalidPolicyDocument, Invalid Policy: Invalid JSON` from poresigned POST url.

0

I am getting the following error whenever I attempt to post something to an S3 bucket using a POST presigned URL;

<?xml version="1.0" encoding="UTF-8"?>
<Error>
    <Code>InvalidPolicyDocument</Code>
    <Message>Invalid Policy: Invalid JSON.</Message>
    <RequestId>568TTY4KHP1SR41W</RequestId>
    <HostId>Fk5dAEIEM2Awp2+JPpuD60karubosk5crAcYCejtSZkLsyqPdFEmh4GVSEv3+tIeYSc78/OY6JY=</HostId>
</Error>

Below is the policy in base64 that figures in the Policy field of the POST request's form data:

eyJleHBpcmF0aW9uIjoiMjAyMy0xMi0xM1QwMDoyNTo1OS45MDJaIiwiY29uZGl0aW9ucyI6W1siY29udGVudC1sZW5ndGgtcmFuZ2UiLDAsNTEyLjBdLFsiZXEiLCIkS2V5IiwiZTJiMWJmZmItOTA5Yi00ZTIyLTg2NjItNzU5NmNlN2M0ZTE3LzkxNzQ2M2YyLWQ5MGYtNGJlNy04MzIyLWVlMjVjNDNhMTg2MCJdLFsiZXEiLCIkQ29udGVudC1UeXBlIiwiYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtIl0sWyJlcSIsIiRYLUFtei1NZXRhLUF1dGhvciIsImUyYjFiZmZiLTkwOWItNGUyMi04NjYyLTc1OTZjZTdjNGUxNyJdLFsiZXEiLCIkWC1BbXotTWV0YS1BdXRob3ItVGllciIsInRpZXI6MCJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtRXhwaXJhdGlvbiIsIjIwMjMtMTItMTlUMDE6MjU6NTkuOTAzNTY1MyswMTowMCJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtTmFtZSIsIiJdLFsic3RhcnRzLXdpdGgiLCIkWC1BbXotTWV0YS1SZWNvcmQtVHlwZSIsIiJdLHsiQnVja2V0IjoiYnVja2V0LWYzOTZkOGUyIn0seyJ4LWFtei1kYXRlIjoiMjAyMzEyMTJUMDAyNjAwWiJ9LHsieC1hbXotYWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsieC1hbXotY3JlZGVudGlhbCI6IkFLSUFYM1c2QldDRVE2WFZSNkZHLzIwMjMxMjEyL2V1LXdlc3QtMi9zMy9hd3M0X3JlcXVlc3QifSxbImVxIiwiJFRhZ2dpbmciLCI8P3htbCB2ZXJzaW9uPVwiMS4wXCIgZW5jb2Rpbmc9XCJVVEYtOFwiPz48VGFnZ2luZyB4bWxucz1cImh0dHA6Ly9zMy5hbWF6b25hd3MuY29tL2RvYy8yMDA2LTAzLTAxL1wiPjxUYWdTZXQ+PFRhZz48S2V5PlRpZXI8L0tleT48VmFsdWU+dGllcjowPC9WYWx1ZT48L1RhZz48VGFnPjxLZXk+VHlwZTwvS2V5PjxWYWx1ZT5FcGhlbWVyYWw8L1ZhbHVlPjwvVGFnPjwvVGFnU2V0PjwvVGFnZ2luZz4iXV19

Which decodes to:

{
  "expiration": "2023-12-13T00:25:59.902Z",
  "conditions": [
    ["content-length-range", 0, 512.0],
    [
      "eq",
      "$Key",
      "e2b1bffb-909b-4e22-8662-7596ce7c4e17/917463f2-d90f-4be7-8322-ee25c43a1860"
    ],
    ["eq", "$Content-Type", "application/octet-stream"],
    ["eq", "$X-Amz-Meta-Author", "e2b1bffb-909b-4e22-8662-7596ce7c4e17"],
    ["eq", "$X-Amz-Meta-Author-Tier", "tier:0"],
    [
      "starts-with",
      "$X-Amz-Meta-Record-Expiration",
      "2023-12-19T01:25:59.9035653+01:00"
    ],
    ["starts-with", "$X-Amz-Meta-Record-Name", ""],
    ["starts-with", "$X-Amz-Meta-Record-Type", ""],
    { "Bucket": "bucket-f396d8e2" },
    { "x-amz-date": "20231212T002600Z" },
    { "x-amz-algorithm": "AWS4-HMAC-SHA256" },
    {
      "x-amz-credential": "AKIAX3W6BWCEQ6XVR6FG/20231212/eu-west-2/s3/aws4_request"
    },
    [
      "eq",
      "$Tagging",
      "<?xml version=\"1.0\" encoding=\"UTF-8\"?><Tagging xmlns=\"http://s3.amazonaws.com/doc/2006-03-01/\"><TagSet><Tag><Key>Tier</Key><Value>tier:0</Value></Tag><Tag><Key>Type</Key><Value>Ephemeral</Value></Tag></TagSet></Tagging>"
    ]
  ]
}

I did spend time looking at other answers but couldn't find anything useful for my case.

Topics
Storage
Tags
Amazon S3 Glacierpresigned URL
Language
English
Chandler
asked 5 months ago187 views
1 Answer
0

I managed to solve the issue. Float values for content-length-range seem to not be allowed. No explicit errors are thrown nor is this mentioned in the documentation.

Chandler
answered 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content