Hello, I’m coming across an issue at this point in the tutorial. Seems like a few before had the same issue. I tried adding he Amazons3fullaccess, but that didn’t work. My IAM policy and permissions for my S3 bucket look good to me.
Code for backend is here and code for frontend is here.
I encountered the same problem today while going through this tutorial and my Chrome console shows similar error messages as @frontendsomething presented.
I have used region eu-central-1, but otherwise proceed as instructed. My S3 bucket has the following CORS:
Why does Storage.vault.put() know the target directory to upload the file to? As my understanding, we already set the s3 bucket name when we call Amplify.configure(), however, we didn’t tell Amplify which directory in that bucket we want to upload the file to. Why does Amplify automatically create private/${cognito-identity.amazonaws.com:sub} directory in that bucket?
This definitely seems like an issue with the CORS settings for the S3 bucket. But before that I would check to make sure that the file that it is pointing to exists.
Go into your AWS console for S3 and check if this file exists:
I have been working through this tutorial, and have been able to get everything working up until this point: I’m getting “access denied” errors when I try to upload an object to the s3 bucket. I have double checked the CORS settings, messed around a little with the IAM role settings, so far to no avail. At some point I must have had it all correct, because there are a couple of objects that did get put in a private sub-bucket, but I’m not able to reproduce it, and I can’t recall ever not getting the access denied error (with the exception of trying the full ARN of the bucket instead of the bucket name, which resulted in “network error”). I followed the chapters in order, I’ve gone back and revisited the bucket creation and the user pool roles, it all appears good, but something must be wrong because it’s not working. Any suggestions how to best proceed debugging this will be greatly appreciated.
I tested the OPTION 1 and now I can add notes with attachment in S3. My teacher says that the problem is because the URL is http://localhost:3000 and AWS requires an authorized domain.
I tried to test the API without the front end, by using the npx command in the chapter ‘Test the APIs’, but eventually I realized that it is only in the front end that the file is uploaded…
Curiouser and curiouser. I wanted to install the amplify-cli to hit it from a different angle. I had problems installing it until I uninstalled and reinstalled node (using home-brew on Mac). I ran amplify init, which created a few more buckets, but I didn’t connect the new buckets to the app. But for whatever reason, now file uploads are working from the app running locally. However - the deployed app loaded from the S3 deployment bucket still throws access denied errors on file upload!? I thought that perhaps whatever had changed that caused the local version to work might need to be uploaded to the deployment bucket, so I redid ‘nom run build’, followed by ‘aws s3 sync build/ …’ But the result is the same. This seems really odd to me - both versions are connecting to the same back-end, from the same browser on my machine, and presumably are running the same code? Ack!
Update: after re-deploying (with no substantive changes), now it works in both places!?
Is it a security concern letting the react app directly upload to a S3 bucket? I’m not familiar with React and haven’t used it before this tutorial, but it’s frontend and the user has access to the js scripts right? So someone could abuse it and upload an arbitrary amount of files into the bucket. Would it be better to handle the upload through another lambda function?