AWS S3 Uploader - Setting Security Rules on Account

marcus · August 19, 2019, 6:30pm

Hi, I’m able to upload, retrieve and delete files fine now. Thanks to @Dumitru for helping me with my problems.

I’m now looking at making my AWS bucket more secure since everything but my CORS policy is public. So I’m looking at the permissions section of your tutorial: https://docs.zeroqode.com/plugins/aws-file-uploader-plugin

I’m testing these one at a time individually, and getting some issues:

On number one “Block public access” I’m just getting 403 forbidden when uploading.

Same error as #1
Not sure what to do here, unfamiliar with AWS’ actions as outlined here: Amazon S3 actions - Amazon Simple Storage Service
Works great.

Honestly not very familiar with AWS settings, would appreciate any help, thanks

levon · August 20, 2019, 6:08am

Hi Marcus,
we’ll check this out

levon · August 20, 2019, 6:59am

Hi Marcus,
For the time being please uncheck “Block All Public Access.”
meanwhile we’ll continue working on security updates and will get back here once tested.
Thanks!

marcus · August 25, 2019, 12:16pm

Hi @levon

Any updates on this?

levon · August 26, 2019, 6:38am

Not yet, it might take some while, Marcus
sorry about that

Dumitru · September 26, 2019, 10:36am

Hello @marcus

Sorry for long time inquiry, we did check the documentation on AWS and made some testing alongside so we added Security Settings for AWS plugin which you could see in our doc how it is set - https://docs.zeroqode.com/plugins/aws-file-uploader-plugin#additional-security for additional security rules for your bucket.

Give it a try, however for more in depth Security policies, you’re still better with following Amazon’s Doc - https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html

Best,
Dumitru.