GithubHelp home page GithubHelp logo

Comments (6)

patcon avatar patcon commented on June 3, 2024 4

Ok, after some experimentation, found the minimal permissions for bucket and plugin setup is:

{
  s3Options: {
    // ...
  },
  s3UploadOptions: {
    ACL: '',
    Bucket: 'YOURBUCKET'
  }
}

IAM > Users > YOURUSER > Permissions > Add inline policy (JSON):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::YOURBUCKET/*"
        }
    ]
}

S3 > YOURBUCKET > Permissions > Block public access: All "OFF"

S3 > YOURBUCKET > Permissions > Bucket Policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowPublicRead",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::YOURBUCKET/*"
        }
    ]
}

from s3-plugin-webpack.

SunSparc avatar SunSparc commented on June 3, 2024 1

It would be nice to see documented exactly which actions are required for this plugin to work. I do not like giving more privileges than necessary. I use the following policy for other services and it works. But with s3-plugin-webpack I get Access Denied. So what else is this plugin trying to do?

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::mybucket/*"
        }
    ]
}

Another policy example is in issue #62.

from s3-plugin-webpack.

patcon avatar patcon commented on June 3, 2024 1

This is really helpful @SunSparc :) I'll try to upstream a doc change when I'm next using this plugin

from s3-plugin-webpack.

SunSparc avatar SunSparc commented on June 3, 2024

Well, after going through all the permissions myself it turns out that s3-plugin-webpack also needs the PutObjectAcl by default, unless ACL: "", is added to the s3UploadOptions, which was mentioned on #28.

from s3-plugin-webpack.

mapineda avatar mapineda commented on June 3, 2024

@patcon Does

{
  s3Options: {
    // ...
  },
  s3UploadOptions: {
    ACL: '',
    Bucket: 'YOURBUCKET'
  }
}

"YOURBUCKET" have to be a hardcoded string? Having a difficult time passing this value from an .env using process.env or even using an environment.js file that takes the .env vars and exports them to webpack.

from s3-plugin-webpack.

patcon avatar patcon commented on June 3, 2024

I don't think so, @mapineda :(

from s3-plugin-webpack.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.