Cannot Upload to S3

  • Resolved rvodden

    (@rvodden)


    3 years, 4 months ago

    I’ve set up an S3 bucket, and the following IAM policy:

    
<pre><code>{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:DeleteObject",
                "s3:Put*",
                "s3:Get*",
                "s3:List*"
            ],
            "Resource": [
                "arn:aws:s3:::bso-wordpress-static-content",
                "arn:aws:s3:::bso-wordpress-static-content/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:GetBucketLocation",
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "cloudfront:ListDistributions"
            ],
            "Resource": "*"
        }
    ]
}

    Why I try to upload files using the AWS CLI and the user which has that policy assigned then all works well, however, when I try the test function on the CDN page I get the following error:

    
Error: Error executing "PutObject" on "https://bso-wordpress-static-content.s3.eu-west-1.amazonaws.com/test_s3_1f0725e8f0f217520ca806e072ba54a3"; AWS HTTP error: Client error:PUT https://bso-wordpress-static-content.s3.eu-west-1.amazonaws.com/test_s3_1f0725e8f0f217520ca806e072ba54a3resulted in a403 Forbiddenresponse: AccessDeniedAccess DeniedNDBW9D (truncated...) AccessDenied (client): Access Denied - AccessDeniedAccess DeniedNDBW9D0S1NZDHX71n+a2k+bhILA/QB+IhK0+ElYtqUWf/N8gjEZFtZmk2MffRCkDwrfMUsjBaun38PTBL8qk/+5/zPk=
    • This topic was modified 3 years, 4 months ago by rvodden.
    • This topic was modified 3 years, 4 months ago by rvodden.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @rvodden

    Thank you for reaching out and I am happy to assist you with this.
    Can you please check the bucket access status? It should be set to “Objects can be public”.
    Let me know if this helps!
    Thanks!

    Thread Starter rvodden

    (@rvodden)

    Yeah it does help, but there’s no reason for the objects to be public if they’re being served through CloudFront. I’ve had a look at the code and its because the S3 engine forces the ‘public-read’ ACL on every object it uploads. I’ll raise a bug on github and submit a PR.

    Thread Starter rvodden

    (@rvodden)

    I have raised this issue on github:

    https://github.com/W3EDGE/w3-total-cache/issues/461

    And I will submit a PR very soon.

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @rvodden

    Thank you for taking the time to submit the PR and create a GH issue.
    The devs will make sure to check this and review it.
    Thank you for your patience.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Cannot Upload to S3’ is closed to new replies.