I'm trying to get a file stored in Amazon S3 with Node.js, but I get Access Denied from AWS.
AccessDenied: Access Denied
    at Request.extractError (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/services/s3.js:699:35)
    at Request.callListeners (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/request.js:690:12)
    at Request.callListeners (/home/marc/Disco/Projects/AtlasFitness/server/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
Get Object expanded:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::atlasfitness-progress-s3/*"
        }
    ]
}
Here is my CORS policy:
[
    {
        "AllowedHeaders": [
            "*"
        ],
        "AllowedMethods": [
            "PUT",
            "GET",
            "DELETE"
        ],
        "AllowedOrigins": [
            "*"
        ],
        "ExposeHeaders": []
    }
]
Here is the code in NodeJS:
import AWS from 'aws-sdk';

const s3 = new AWS.S3({
    region: process.env.AWS_BUCKET_REGION,
    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
})

export const getFileS3 = (fileKey) => {
    const downloadParams = {
        Key: fileKey,
        Bucket: 'atlasfitness-progress-s3'
    }
    return s3.getObject(downloadParams).createReadStream()
}
If anyone knows how to fix it, I'll be very grateful for your help. I'm a beginner with AWS.
CodePudding user response:
Your ACL configuration is untouched, your policy is correct, you don't have any restricting bucket policies & your code also looks perfectly fine to me.
Double-check that fileKey contains the full key for the object, e.g. folder1/folder2/folder3/myFile.extension.
A file probably does not exist with the key you've specified - make sure fileKey's value is an exact match of the object's key.
The reason you get a 403 Access Denied response instead of a 404 Not Found response is you do not have permissions for s3:ListBucket - read the reasons why AWS returns 403 instead of 404 for security reasons in my answer here.
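The 403-versus-404 behaviour described in the answer, as an added example that is not part of the original post. The helper names `classifyS3Error`, `diagnoseGet` and `makeStubS3` are hypothetical; the client is injected so the code runs offline against a constructed stub, and an aws-sdk v2 `AWS.S3` instance such as the question's `s3` can be passed instead.

```javascript
// Added example. Classify an S3 read failure given what is known about s3:ListBucket.
// getObject reports AccessDenied/NoSuchKey; headObject has no response body,
// so the v2 SDK reports Forbidden/NotFound. The HTTP status is checked as well.
function classifyS3Error(err, canListBucket, keyListed) {
  const code = err.code, status = err.statusCode;
  if (status === 404 || code === 'NoSuchKey' || code === 'NotFound') return 'missing-key';
  if (status === 403 || code === 'AccessDenied' || code === 'Forbidden') {
    if (!canListBucket) return 'denied-or-missing-key'; // a 404 is masked as 403
    return keyListed ? 'denied' : 'missing-key';
  }
  return 'other';
}

// Try the read; on failure, probe ListBucket using the exact key as the prefix.
async function diagnoseGet(s3, Bucket, Key) {
  try {
    await s3.headObject({ Bucket, Key }).promise();
    return 'ok';
  } catch (err) {
    let canList = true, keyListed = false;
    try {
      const page = await s3.listObjectsV2({ Bucket, Prefix: Key, MaxKeys: 1 }).promise();
      keyListed = (page.Contents || []).some((o) => o.Key === Key);
    } catch (listErr) {
      if (listErr.statusCode !== 403) throw listErr; // unrelated failure
      canList = false;
    }
    return classifyS3Error(err, canList, keyListed);
  }
}

// Constructed stub (not a real SDK client): a caller allowed s3:GetObject,
// with or without s3:ListBucket, over a fixed set of object keys.
function makeStubS3(keys, allowList) {
  const fail = (code, statusCode) =>
    Promise.reject(Object.assign(new Error(code), { code, statusCode }));
  return {
    headObject: ({ Key }) => ({ promise: () => keys.includes(Key) ? Promise.resolve({})
      : allowList ? fail('NotFound', 404) : fail('Forbidden', 403) }),
    listObjectsV2: ({ Prefix }) => ({ promise: () => allowList
      ? Promise.resolve({ Contents: keys.filter((k) => k.startsWith(Prefix)).map((Key) => ({ Key })) })
      : fail('AccessDenied', 403) }),
  };
}
```

To get a real 404 for a wrong key, `s3:ListBucket` has to be allowed on the bucket ARN itself (without the `/*` suffix), because it is a bucket-level action.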