Invalid according to Policy: Policy Condition failed: ["eq", "$acl", "public-read"] from postman

Question

Hey I using this for setting up direct upload using presigned url to S3. https://devcenter.heroku.com/articles/s3-upload-python In Cors policy i have kept: allowed origin * rest everything is same.

After I get a presigned response,I use postman to try to upload a image file to s3. But a error seems to appear:

"Invalid according to Policy: Policy Condition failed:"eq", "$acl", "public-read""

I think I m screwing up with cors policy or something.

PS: The public access to S3 bucket is all blocked...Do i need to disable it for this to work?

The bucket policy is also blank..Do I need to add something there. (Sorry for noob stuff).

Thanks in advance.

Answer 1

From the link you have referenced, the pre-signed URL you are generating allows the uploaded object to be publicly readable whereas the bucket blocks Public access to the bucket and its objects.

You can either disable the settings for blocking public access if the objects in the bucket can be publicly exposed. Refer the documentation here.

Or, you can update the generate_presigned_post method to set the ACL to be private

 presigned_post = s3.generate_presigned_post(
    Bucket = S3_BUCKET,
    Key = file_name,
    Fields = {"acl": "private", "Content-Type": file_type},
    Conditions = [
      {"acl": "private"},
      {"Content-Type": file_type}
    ],
    ExpiresIn = 3600
  )