How to configure aws s3 bucket to accept signed urls on Heroku?

Question

I am using Node.js to get a signed url from aws s3 using the putObject from the (aws-sdk) module. When I run my server locally there is no problem with the upload to S3. When I deploy my code to heroku and choose a file to upload I'm getting the following error in my chrome console:

https://torhuw-hrns.s3.amazonaws.com/5f522890-0283-11e6-a696-b1fc6f56c785-T …4&Signature=P7ybw4%2B2qqNRNKTZbc%2FMWLhPn1o%3D&x-amz-acl=public-read-write Failed to load resource: the server responded with a status of 403 (Forbidden)

I am using Node.js (aws-sdk) s3getSignedUrl method to get the signature and sending this to the front end to upload my files to my s3 bucket.

The tutorial I followed is Direct to S3 File Uploads in Node.js

Answer 1

Double-check your S3 bucket's permissions and CORS configuration. You need to make sure that the policy allows "s3:PutObject" on your bucket and you need to make sure that the CORSRule allows PUT/POST and allows your app's domain.

To debug these things, you may consider temporarily relaxing all the permissions to "wide open" and checking that it works when completely unrestricted.

Answer 2

Okay I solved this by creating a new bucket updating the CORS configuration, creating new access_key_ID and access_secret_access_key and updating heroku environment variables (I also selected the bucket to be in the same region as my heroku app, not sure, however, whether this was the solution). The CORS configuration used was:

 <?xml version="1.0" encoding="UTF-8"?> <CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <CORSRule> <AllowedOrigin>*</AllowedOrigin> <AllowedMethod>GET</AllowedMethod> <AllowedMethod>POST</AllowedMethod> <AllowedMethod>PUT</AllowedMethod> <AllowedHeader>*</AllowedHeader> </CORSRule> </CORSConfiguration>