I have this code:
import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3'
import { getSignedUrl } from '@aws-sdk/s3-request-presigner'
import { Constants } from './constants'
const config = {
region: Constants.BUCKET_REGION,
credentials: {
accessKeyId: Constants.BUCKET_ACCESS_KEY_ID,
secretAccessKey: Constants.SECRET_ACCESS_KEY
}
}
const s3 = new S3Client(config)
const generateS3UploadUrl = async (key: string): Promise<string> => {
const command = new PutObjectCommand({
Bucket: process.env.BUCKET_NAME,
Key: key,
ContentType: 'image/jpeg'
})
const url = await getSignedUrl(s3, command, { expiresIn: 3600 })
return url
}
export { generateS3UploadUrl }
I can generate presigned urls successfully, but when i try to use them i can't, i get "Access Denied". My bucket configuration it's default.
I don't care if the bucket is public, i want to be able to store and get the files using presigned urls
I solved it disabling the Public Access Block in permissions and using this bucket policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::bucket-name/*"
}
]
}