S3 presigned url access denied

515 Views Asked by Matias Pizzi At 04 April 2025 at 10:10

I have this code:

import { S3Client, PutObjectCommand } from '@aws-sdk/client-s3'
import { getSignedUrl } from '@aws-sdk/s3-request-presigner'
import { Constants } from './constants'

const config = {
  region: Constants.BUCKET_REGION,
  credentials: {
    accessKeyId: Constants.BUCKET_ACCESS_KEY_ID,
    secretAccessKey: Constants.SECRET_ACCESS_KEY
  }
}

const s3 = new S3Client(config)

const generateS3UploadUrl = async (key: string): Promise<string> => {
  const command = new PutObjectCommand({
    Bucket: process.env.BUCKET_NAME,
    Key: key,
    ContentType: 'image/jpeg'
  })

  const url = await getSignedUrl(s3, command, { expiresIn: 3600 })
  return url
}

export { generateS3UploadUrl }

I can generate presigned urls successfully, but when i try to use them i can't, i get "Access Denied". My bucket configuration it's default.

I don't care if the bucket is public, i want to be able to store and get the files using presigned urls

Original Q&A

There are 1 best solutions below

Matias Pizzi On 01 November 2023 at 05:16 BEST ANSWER

I solved it disabling the Public Access Block in permissions and using this bucket policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::bucket-name/*"
        }
    ]
}

S3 presigned url access denied

There are 1 best solutions below

Related Questions in NODE.JS

Related Questions in TYPESCRIPT

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-S3

Related Questions in PRE-SIGNED-URL

Trending Questions

Popular # Hahtags

Popular Questions