2

I trying upload a file to Amazon s3
This is the params that i send params send

and the api return this error of permiss error response

This are my cors configuration

<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>DELETE</AllowedMethod>
    <AllowedHeader>*</AllowedHeader>
    <ExposeHeader>ETags</ExposeHeader>
    <ExposeHeader>x-amz-acl</ExposeHeader>
    <ExposeHeader>x-amz-request-id</ExposeHeader>      
</CORSRule>

apaternina
  • 381
  • 5
  • 14
  • https://stackoverflow.com/questions/17585881/amazon-s3-direct-file-upload-from-client-browser-private-key-disclosure?rq=1 – Rishabh Mar 03 '17 at 13:37
  • I using AWS.S3 javascript api, and this allow accessKeyId and secretAccessKey, and if no send the params ACL and GrandFullControl all do fine, but if i send this two params, i get this error. – apaternina Mar 03 '17 at 13:40

1 Answers1

1

The error message is "Specifying both canned ACLs and Header Grants is not allowed". (FYI for future posts, please include the error message directly in your question)

When putting an object, you can supply either a canned ACL or a specific grant/grantee, but not both. You have supplied both.

If your goal is to allow read by any authenticated user, then just use the canned ACL option of authenticated-read. That will give the object owner FULL_CONTROL and will give the AuthenticatedUsers group READ access. See Canned ACLS for more details.

PS you're also using GrantFullControl incorrectly. Its value needs to be a grantee, not a permission string such as 'READ'.

jarmod
  • 71,565
  • 16
  • 115
  • 122