0

Hi guys I am trying to delete objects from my s3 bucket using node js here is my server side script that will execute

var aws = require('aws-sdk');
var s33 = new aws.S3();
aws.config.update({
    accessKeyId: "xxxxxxxxxxxxxxxxxxxxxx",
    secretAccessKey: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    bucket : "xxxxxxxxxxxx",
    region: "us-east-1"
});

app.post('/deleteObj',function(req, res) {
        var params = {
          Bucket: 'xxxxxxxxxxxxx',
          Delete: { // required
            Objects: [ // required
              {
                Key: 'some-key' // required
              },
              /*{
                Key: 'sample-image--10.jpg'
              }*/
            ],
          },
        };

        s33.deleteObjects(params, function(err, data) {
          if (err) console.log(err, err.stack); // an error occurred
          else     console.log(data);           // successful response
        });

    });

It is showing an error of missing credentials that should not happen as I am able to do a browser-based POST upload using these credentials only.

here is the error log:

CredentialsError: Missing credentials in config
    at IncomingMessage.<anonymous> (/home/ubuntu/xxxxxx/node_modules/aws-sdk/lib/util.js:864:34)
    at emitNone (events.js:91:20)
    at IncomingMessage.emit (events.js:185:7)
    at endReadableNT (_stream_readable.js:974:12)
    at _combinedTickCallback (internal/process/next_tick.js:80:11)
    at process._tickDomainCallback (internal/process/next_tick.js:128:9)
  message: 'Missing credentials in config',
  retryable: false,
  time: 2017-11-17T06:43:51.657Z,
  code: 'CredentialsError',
  originalError:
   { message: 'Could not load credentials from any providers',
     retryable: false,
     time: 2017-11-17T06:43:51.657Z,

here is the cors config of the bucket take a look into this if it helps:

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>http://xxxxxxxxxxxxxxxxxxxxxxxxxxxx</AllowedOrigin>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>

Let me know your thoughts on this.

-Thanks

sidd
  • 629
  • 10
  • 30
  • Now I look at it closer I don't think my answer is correct. Why are you trying to delete items with a POST request? – Imre_G Nov 17 '17 at 07:43
  • this is just for a test to check if they are getting deleted or not ..... when I complete writing this then it will look like if the person has uploaded the image then he will be able to delete it with the help of key with the post request.... – sidd Nov 17 '17 at 07:45
  • CORS is used by the browser. The only method that the browser should be calling is GET. Delete POST, PUT and DELETE (if present) unless there is a very specific reason to allow those methods. Note: in AllowedHeader change from "Authorization" to "*" - exception if you are actually using authorization and including the "Authorization:" HTTP header. – John Hanley Nov 17 '17 at 08:15
  • Possible duplicate of [AWS Missing credentials when i try send something to my S3 Bucket (Node.js)](https://stackoverflow.com/questions/26284181/aws-missing-credentials-when-i-try-send-something-to-my-s3-bucket-node-js) – fmsf Jun 17 '18 at 15:55

1 Answers1

2

When you are using the AWS API, CORS is not involved.

Your problem is that you are assigning your credentials after you create the S3 client.

Change your code to look like this:

var aws = require('aws-sdk');

aws.config.update({
    accessKeyId: "xxxxxxxxxxxxxxxxxxxxxx",
    secretAccessKey: "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    bucket : "xxxxxxxxxxxx",
    region: "us-east-1"
});

var s33 = new aws.S3();
John Hanley
  • 74,467
  • 6
  • 95
  • 159
  • YES you were right.... but now the error has changed to { Deleted: [], Errors: [ { Key: 'xyzzz', Code: 'AccessDenied', Message: 'Access Denied' } ] } – sidd Nov 17 '17 at 08:03
  • This means that the credentials (Access Key) does not have permissions to delete the object (Key: xyzzz). Use the Amazon Console, IAM, look at the IAM User Policy (or Role if assigning a role to an instance) and verify your required permissions. You will need s3:DeleteObject. – John Hanley Nov 17 '17 at 08:06
  • You are welcome. Be sure to read my comments on changing your CORS configuration. – John Hanley Nov 17 '17 at 08:18