I configured a folder in my s3 bucket to be public but when I upload a new file it makes the whole folder private again so I can’t access any of the photos I uploaded with the react native app that I’m making.
I discovered there is a property named level that can be set to public when I’m uploading, but even after doing that I’m still having the same problem:
try {
const response = await fetch(image);
const blob = await response.blob();
const res = await Storage.put(fileName, blob, {
contentType: 'image/jpeg',
level: 'public'
});
console.log(res);
} catch (err) {
console.log('Error uploading file:', err);
}
After uploading a file into that folder if I try to access any of the photos I uploaded I get this:
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>VVA4P84N464GN15S</RequestId>
<HostId>GoHg1p7ZnMCgY2B0CL8CsJARtEU3DCmesh+K1BQiOGX8++prVp/GoqddtcSbZBLi4iTQ38KDbVk=</HostId>
</Error>
This is how I made it public:
Went to the bucket, selected the folder, clicked on actions and then clicked on make public with ACL.
3
Answers
All I had to do is go to s3 bucket and look for Permissions tab, Bucket policy, click edit and put:
After that the access is public.
Just uploading a file and set it’s level to public might not be enough depending on your configuration.
There also are
ACLs
andBucket policies
that you should check out.e.g.
which means if your settings are set to
IgnorePublicAcls
for example, the public level of your file would be ignored.aws docs
Amplify’s
level='public'
feature is not what you think it is. It doesn’t make an S3 object public (in the sense that S3 considers an object to be public).What it does is allow all users of your Amplify app (including unauthenticated users) to request a pre-signed URL for the object, and then use that pre-signed URL to fetch the object. See this Amplify bug report and this feature request.
My understanding is that to make an uploaded S3 object public so that you can access it using an unsigned object URL such as
https://mybucket.s3.amazonaws.com/someid/public/dog.png
, you have to:{acl:"public-read"}
when putting the objects3:PutObjectAcl
permission (and potentially in s3-cloudformation-template.json too)