All geek questions in one place

Error executing PutObject on AWS, loading fails

I installed the AWS action. and I'm trying to make my first software PUT in S3. I used the console to create a bucket and put things there. I also created a subdirectory (myFolder) and made it public. I created my .aws / credentials file and tried to use sample codes, but I get the following error:

Runtime error "PutObject" at " https://s3.amazonaws.com/gps-photo.org/mykey.txt "; AWS HTTP error: client error: PUT https://s3.amazonaws.com/gps-photo.org/mykey.txt led to 403 Forbidden answer: AccessDenied access DeniedFC49CD (truncated ...) AccessDenied (client): Access denied - AccessDenied Access DeniedFC49CD15567FB9CD1GTYxjzzzhcL + YyYsuYRx4UgV9wzTCQJX6N4jMWwA39PFaDkK2B9R + FZf8GVM6VvMXfLyI / 4abo =

My code

 <?php // Include the AWS SDK using the Composer autoloader. require '/home/berman/vendor/autoload.php'; use Aws\S3\S3Client; use Aws\S3\Exception\S3Exception; $bucket = 'gps-photo.org'; $keyname = 'my-object-key'; // Instantiate the client. $s3 = S3Client::factory(array( 'profile' => 'default', 'region' => 'us-east-1', 'version' => '2006-03-01' )); try { // Upload data. $result = $s3->putObject(array( 'Bucket' => $bucket, 'Key' => "myFolder/$keyname", 'Body' => 'Hello, world!', 'ACL' => 'public-read' )); // Print the URL to the object. echo $result['ObjectURL'] . "\n"; } catch (S3Exception $e) { echo $e->getMessage() . "\n"; }

If anyone can help me, that would be great. Thank you --Len

+6
source share
8 answers

Looks like the same problem I am facing. Add the AmazonS3FullAccess policy to your AWS account.

  • Log in to AWS.
  • In the "Services" section, select "IAM."
  • Choose Users> [User]
  • Open the Permissoins tab.
  • Attach AmazonS3FullAccess Policy to Your Account
+12
source

Braden's approach will work, but it's dangerous. The user will have full access to all your S3 buckets and the ability to enter the console. If the credentials used on the site are compromised, well ...

A safer approach:

  • AWS Console → IAM → Policies → Create Policy
  • Service = S3
  • Actions = (only a minimum value is required, such as List and Read)
  • Resources → Specific → Bucket → Add ARN (put ARN only for required buckets)
  • Resources -> Specific -> Object -> Check Any or put the ARN of specific objects
  • Browse and save to create a policy
  • AWS Console → IAM → Users → Add User
  • Access Type → check only "Program Access"
  • Next: Permissions -> Bind Existing Policies Directly
  • Search and select a newly created policy
  • Browse and save to create user

Thus, you will have access to the user only with the necessary access.

+7
source

I ran into the same problem and found a solution as shown below.

delete row

'ACL' => 'public-read'

default permission with list, read and write, but without permission to modify a specific object (PutObjectAcl in AWS policy).

+6
source

403 assumes your key is incorrect, or the path to the key is incorrect. Have you confirmed that the package is loading the correct key in /myFolder/$keyname ?

It might be useful to try something simpler (instead of worrying about loading file types, paths, permissions, etc.) for debugging.

 $result = $client->listBuckets(); foreach ($result['Buckets'] as $bucket) { // Each Bucket value will contain a Name and CreationDate echo "{$bucket['Name']} - {$bucket['CreationDate']}\n"; }

Taken from http://docs.aws.amazon.com/aws-sdk-php/v2/guide/service-s3.html Also go to the service constructor.

+2
source

The problem was the lack of permissions for the bucket on my own when I added that everything was working fine.

+2
source

I got the same error. Laravel vue project, I upload a file using axios on s3.

I use a wandering estate as my server. It turns out that the time on the virtual box server is not correct. I had to update it with the correct UTC time. After updating, to fix the time that I took from the s3 error, it worked fine.

Error: I deleted confidential information

 message: "Error executing "PutObject" on "https://url"; AWS HTTP error: Client error: 'PUT https://url' resulted in a '403 Forbidden' response:↵<?xml version="1.0" encoding="UTF-8"?><Error><Code>RequestTimeTooSkewed</Code><Message>The difference between the reque (truncated...)↵ RequestTimeTooSkewed (client): The difference between the request time and the current time is too large. - <?xml version="1.0" encoding="UTF-8"?><Error><Code>RequestTimeTooSkewed</Code><Message>The difference between the request time and the current time is too large.</Message><RequestTime>20190225T234631Z</RequestTime><ServerTime>2019-02-25T15:47:39Z</ServerTime><MaxAllowedSkewMilliseconds>900000</MaxAllowedSkewMilliseconds><RequestId>-----</RequestId><HostId>----</HostId></Error>"

Before:

 vagrant@homestead :~$ date Wed Feb 20 19:13:34 UTC 2019

After:

 vagrant@homestead :~$ date Mon Feb 25 15:47:01 UTC 2019
0
source

Sometimes I see this error on Vagrant.

first if in vagrant ssh

 exit

write this to the command line, this will get you out of ssh. after;

 vagrant halt

after;

 vagrant up

so you restart vagrant.

0
source

If you get this error, but you can still upload files, check the basket permissions and try to disable (uncheck) Block all public access and see if you still get the error. You can enable this option again if you wish.

This is an additional security / policy setting added by AWS to prevent object permissions from changing. enter image description here If your application gives you problems or generates a warning, first look at the code and see if you are trying to change any permissions (which you may not want). You can also customize these settings to suit your needs.

Again, you can configure these settings by pressing your S3 bucket, permission / edit.

0
source

Source: https://habr.com/ru/post/1239149/

More articles:


All Articles