Question 19465 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

AWS S3 Bucket is public but makes itself private after I upload a file

I configured a folder in my s3 bucket to be public but when I upload a new file it makes the whole folder private again so I can’t access any of the photos I uploaded with the react native app that I’m making.

I discovered there is a property named level that can be set to public when I’m uploading, but even after doing that I’m still having the same problem:

try {
          const response = await fetch(image);
          const blob = await response.blob();
          const res = await Storage.put(fileName, blob, {
            contentType: 'image/jpeg',
            level: 'public'
             
          });
          console.log(res);
        } catch (err) {
          console.log('Error uploading file:', err);
        }

After uploading a file into that folder if I try to access any of the photos I uploaded I get this:

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>VVA4P84N464GN15S</RequestId>
<HostId>GoHg1p7ZnMCgY2B0CL8CsJARtEU3DCmesh+K1BQiOGX8++prVp/GoqddtcSbZBLi4iTQ38KDbVk=</HostId>
</Error>

This is how I made it public:
Went to the bucket, selected the folder, clicked on actions and then clicked on make public with ACL.

enter image description here
Please help. Hopefully somebody knows what I’m doing wrong.

Tags:

3

Answers


  1. Chosen as BEST ANSWER
    0

    All I had to do is go to s3 bucket and look for Permissions tab, Bucket policy, click edit and put:

    {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::YOUR_BUCKET_NAME/*"
    }
  ]
}

    After that the access is public.


  2. 0

    Just uploading a file and set it’s level to public might not be enough depending on your configuration.

    There also are ACLs and Bucket policies that you should check out.

    e.g.

    S3 Block Public Access provides four settings. You can apply these settings in any combination to individual access points, buckets, or entire AWS accounts.

    which means if your settings are set to IgnorePublicAcls for example, the public level of your file would be ignored.

    aws docs

    Login or Signup to reply.
  3. 0

    Amplify’s level='public' feature is not what you think it is. It doesn’t make an S3 object public (in the sense that S3 considers an object to be public).

    What it does is allow all users of your Amplify app (including unauthenticated users) to request a pre-signed URL for the object, and then use that pre-signed URL to fetch the object. See this Amplify bug report and this feature request.

    My understanding is that to make an uploaded S3 object public so that you can access it using an unsigned object URL such as https://mybucket.s3.amazonaws.com/someid/public/dog.png, you have to:

    1. add {acl:"public-read"} when putting the object
    2. ensure your parameters.json file includes the s3:PutObjectAcl permission (and potentially in s3-cloudformation-template.json too)
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search