How do you specify an ACL policy when creating an S3 signed URL with Clojure's Amazonica?
up vote
4
down vote
favorite
I'm trying to make an upload have an ACL of public-read. The docs are super thin for Amazonica, and after hours of tinkering, I'm no closer to figuring out how to accomplish this goal. In short, I can't figure out how to get it to sign the header.
Server side, my code looks like this.
(s3/generate-presigned-url
creds
{:bucket-name "mybucket"
:method "PUT"
:expires 10000
:key "my-key"
:cache-control "max-age=31557600;"
:request-parameters {:x-amz-acl "public-read"}
})
Client side, I grab the URL that creates and do an XHR PUT request
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
And this works perfectly, with the exception that it has the wrong ACL: "private" rather than "public"
Adding it client side is easy
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.setRequestHeader('x-amz-acl', 'public-read')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
But the request of course fails due to HeadersNotSigned. I can't at all figure out how to add it server side so that they get signed. The SignedHeaders section never includes any additional parameters.
I've blindly tried all sorts of combos
(s3/generate-presigned-url
creds
{:headers {:x-amz-acl "public-read"}
:x-amz-acl "public-read"
:metadata {:x-amz-acl "public-read"}
:signed-headers {:x-amz-acl "public-read"}
:amz-acl "public-read"
:x-amz-signed-headers {:x-amz-acl "public-read"}
:X-Amz-SignedHeaders ["x-amz-acl"]
:request-parameters {:x-amz-acl "public-read"}
})
How do you add an ACL policy to a signed url?
amazon-s3 clojure amazonica
edited 2 days ago
akond
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
4
down vote
favorite
I'm trying to make an upload have an ACL of public-read. The docs are super thin for Amazonica, and after hours of tinkering, I'm no closer to figuring out how to accomplish this goal. In short, I can't figure out how to get it to sign the header.
Server side, my code looks like this.
(s3/generate-presigned-url
creds
{:bucket-name "mybucket"
:method "PUT"
:expires 10000
:key "my-key"
:cache-control "max-age=31557600;"
:request-parameters {:x-amz-acl "public-read"}
})
Client side, I grab the URL that creates and do an XHR PUT request
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
And this works perfectly, with the exception that it has the wrong ACL: "private" rather than "public"
Adding it client side is easy
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.setRequestHeader('x-amz-acl', 'public-read')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
But the request of course fails due to HeadersNotSigned. I can't at all figure out how to add it server side so that they get signed. The SignedHeaders section never includes any additional parameters.
I've blindly tried all sorts of combos
(s3/generate-presigned-url
creds
{:headers {:x-amz-acl "public-read"}
:x-amz-acl "public-read"
:metadata {:x-amz-acl "public-read"}
:signed-headers {:x-amz-acl "public-read"}
:amz-acl "public-read"
:x-amz-signed-headers {:x-amz-acl "public-read"}
:X-Amz-SignedHeaders ["x-amz-acl"]
:request-parameters {:x-amz-acl "public-read"}
})
How do you add an ACL policy to a signed url?
amazon-s3 clojure amazonica
edited 2 days ago
akond
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
up vote
4
down vote
favorite
up vote
4
down vote
favorite
I'm trying to make an upload have an ACL of public-read. The docs are super thin for Amazonica, and after hours of tinkering, I'm no closer to figuring out how to accomplish this goal. In short, I can't figure out how to get it to sign the header.
Server side, my code looks like this.
(s3/generate-presigned-url
creds
{:bucket-name "mybucket"
:method "PUT"
:expires 10000
:key "my-key"
:cache-control "max-age=31557600;"
:request-parameters {:x-amz-acl "public-read"}
})
Client side, I grab the URL that creates and do an XHR PUT request
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
And this works perfectly, with the exception that it has the wrong ACL: "private" rather than "public"
Adding it client side is easy
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.setRequestHeader('x-amz-acl', 'public-read')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
But the request of course fails due to HeadersNotSigned. I can't at all figure out how to add it server side so that they get signed. The SignedHeaders section never includes any additional parameters.
I've blindly tried all sorts of combos
(s3/generate-presigned-url
creds
{:headers {:x-amz-acl "public-read"}
:x-amz-acl "public-read"
:metadata {:x-amz-acl "public-read"}
:signed-headers {:x-amz-acl "public-read"}
:amz-acl "public-read"
:x-amz-signed-headers {:x-amz-acl "public-read"}
:X-Amz-SignedHeaders ["x-amz-acl"]
:request-parameters {:x-amz-acl "public-read"}
})
How do you add an ACL policy to a signed url?
amazon-s3 clojure amazonica
edited 2 days ago
akond
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I'm trying to make an upload have an ACL of public-read. The docs are super thin for Amazonica, and after hours of tinkering, I'm no closer to figuring out how to accomplish this goal. In short, I can't figure out how to get it to sign the header.
Server side, my code looks like this.
(s3/generate-presigned-url
creds
{:bucket-name "mybucket"
:method "PUT"
:expires 10000
:key "my-key"
:cache-control "max-age=31557600;"
:request-parameters {:x-amz-acl "public-read"}
})
Client side, I grab the URL that creates and do an XHR PUT request
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
And this works perfectly, with the exception that it has the wrong ACL: "private" rather than "public"
Adding it client side is easy
var xhr = new XMLHttpRequest();
xhr.open("PUT", signedUrl);
xhr.setRequestHeader('Cache-Control', 'max-age=31557600')
xhr.setRequestHeader('x-amz-acl', 'public-read')
xhr.onload = ...
xhr.onerror = ...
xhr.send(file);
But the request of course fails due to HeadersNotSigned. I can't at all figure out how to add it server side so that they get signed. The SignedHeaders section never includes any additional parameters.
I've blindly tried all sorts of combos
(s3/generate-presigned-url
creds
{:headers {:x-amz-acl "public-read"}
:x-amz-acl "public-read"
:metadata {:x-amz-acl "public-read"}
:signed-headers {:x-amz-acl "public-read"}
:amz-acl "public-read"
:x-amz-signed-headers {:x-amz-acl "public-read"}
:X-Amz-SignedHeaders ["x-amz-acl"]
:request-parameters {:x-amz-acl "public-read"}
})
How do you add an ACL policy to a signed url?
amazon-s3 clojure amazonica
amazon-s3 clojure amazonica
edited 2 days ago
akond
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
akond
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 2 days ago
akond
11.6k32646
edited 2 days ago
akond
11.6k32646
edited 2 days ago
akond
11.6k32646
11.6k32646
asked Nov 20 at 23:36
el_foobar
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Nov 20 at 23:36
el_foobar
211
asked Nov 20 at 23:36
el_foobar
211
211
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
el_foobar is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
I don't have a direct answer to that, but a workaround for your consideration: making all objects in your s3 bucket default to public-read.
You can do this by adding this bucket policy to your bucket (replace bucketnm of course):
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
answered 2 days ago
celwell
81631126
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
I don't have a direct answer to that, but a workaround for your consideration: making all objects in your s3 bucket default to public-read.
You can do this by adding this bucket policy to your bucket (replace bucketnm of course):
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
answered 2 days ago
celwell
81631126
add a comment |
up vote
0
down vote
I don't have a direct answer to that, but a workaround for your consideration: making all objects in your s3 bucket default to public-read.
You can do this by adding this bucket policy to your bucket (replace bucketnm of course):
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
answered 2 days ago
celwell
81631126
add a comment |
up vote
0
down vote
up vote
0
down vote
I don't have a direct answer to that, but a workaround for your consideration: making all objects in your s3 bucket default to public-read.
You can do this by adding this bucket policy to your bucket (replace bucketnm of course):
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
answered 2 days ago
celwell
81631126
I don't have a direct answer to that, but a workaround for your consideration: making all objects in your s3 bucket default to public-read.
You can do this by adding this bucket policy to your bucket (replace bucketnm of course):
{
"Id": "Policy1397632521960",
"Statement": [
{
"Sid": "Stmt1397633323327",
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucketnm/*",
"Principal": {
"AWS": [
"*"
]
}
}
]
}
answered 2 days ago
celwell
81631126
answered 2 days ago
celwell
81631126
answered 2 days ago
celwell
81631126
answered 2 days ago
celwell
81631126
81631126
add a comment |
add a comment |
el_foobar is a new contributor. Be nice, and check out our Code of Conduct.
el_foobar is a new contributor. Be nice, and check out our Code of Conduct.
el_foobar is a new contributor. Be nice, and check out our Code of Conduct.
el_foobar is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53403225%2fhow-do-you-specify-an-acl-policy-when-creating-an-s3-signed-url-with-clojures-a%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
