[英]How to fix '403 Forbidden' when putting to S3 presigned URL
I am trying to put an image onto an S3 bucket using a presigned url. 我正在尝试使用预签名的URL将图像放入S3存储桶。 I'm using SAM to host the site locally and the PUT request works correctly. 我正在使用SAM在本地托管站点,并且PUT请求可以正常工作。 However when running the command on my prod server I get a '403 Forbidden' error. 但是,在生产服务器上运行命令时,出现“ 403 Forbidden”错误。
Worth noting the OPTIONS request works fine, get 200 code, but next when the PUT is sent get 403 code. 值得一提的是,OPTIONS请求可以正常工作,获取200个代码,但是接下来发送PUT时获取403代码。
Things I have already tried: 我已经尝试过的事情:
Nothing worked still get '403 Forbidden' 什么都没有得到'403 Forbidden'
JQuery Ajax: jQuery Ajax:
$.ajax({
url: presignedUrl,
type: 'PUT',
data: image,
contentType: image.type,
processData: false,
success: function (response) {
// window.location = '/Prod/';
}
});
Creating presigned url: 创建预签名的网址:
$cmd = $this->client->getCommand('PutObject', [
'Bucket' => env('AWS_BUCKET'),
'Key' => 'images/' . $request->input('image_name'),
]);
return $this->client->createPresignedRequest($cmd, '+20 minutes')->getUri();
General from '403 Forbidden': 一般从“ 403 Forbidden”开始:
Request Method: PUT
Status Code: 403 Forbidden
Referrer Policy: no-referrer-when-downgrade
Response Headers from '403 Forbidden': 来自“ 403 Forbidden”的响应标题:
Access-Control-Allow-Methods: GET, POST, PUT, HEAD
Access-Control-Allow-Origin: *
Connection: close
Content-Type: application/xml
Date: Wed, 15 May 2019 15:02:35 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2: e5WZfJAQk24kl7kBoF+HU8+AOiR7ivTIcUZ71dZl0Ssged03RThlCRtku+AmhRRUwFe1p63cL4Q=
x-amz-request-id: 4767484BEBE4EC07
Request Headers from '403 Forbidden': 从“ 403 Forbidden”请求标头:
Accept: */*
Content-Type: image/jpeg
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36
Locally the put request works correctly and has no errors. 在本地放置请求可以正常工作,并且没有错误。
Eventually fixed the issue. 最终解决了该问题。
I had specified the credentials in the S3 Client, removing them allowed the role of the lambda function to access S3 correctly. 我已经在S3 Client中指定了凭据,将其删除可以使lambda函数的角色正确访问S3。
Incorrect: 不正确:
$this->client = new S3Client([
'credentials' => [
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
],
'region' => env('AWS_DEFAULT_REGION'),
'version' => 'latest',
]);
Correct: 正确:
$this->client = new S3Client([
'region' => env('AWS_DEFAULT_REGION'),
'version' => 'latest',
]);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.