Upload objects to private S3 is not working

After doing a big research, I’ve not found any guide to upload images to S3 with private ACL.

I’m experiencing a weird behavior where the backups work but not uploadimg of images.

I narrowed the issue down to a problem with ACL of the bucket (I proved that the problem is the ACL since I’m able to upload file using the sdk without specifing the ACL flag). In some cases the “block access to public” permission are set at account level and not bucket level so deactivating the checkbox in the bucket config won’t work.

I noticed that the S3 upload config code was updated, and now the ACL is set based on a param, is there away to pass that config down? discourse/s3_store.rb at tests-passed · discourse/discourse · GitHub

1 Like

Secure Media Uploads describes how to limit uploads to logged in users. Perhaps that will help?

2 Likes

I tried that, images get uploaded but I get a 500 error in the dashboard with no clue, no logs

@mahcr ,

I face the same issue. I can do backup but can’t upload image due to “The bucket does not allow ACLs”.

For IAM, I attached AmazonS3FullAccess policy, but still same error.

Do you have any solution?

1 Like

I’m having the same issue: backup works but upload doesn’t.

This guide is outdated:

This guide seems to be valuable for the CDN part, but is not the full solution:

I got the same issue, too. Backup upload works but image upload shows “The bucket does not allow ACLs”
And it fixed by modifying one permission in IAM and two settings in bucket

First I changed the guide about IAM permission from “s3:HeadBucket” to “s3:ListBucket” because Amazon said HeadBucket is not a valid permission

Then I follow the guide to exactly as same as in permission page in bucket

Then the most important part, enable ACLs, it’s called Edit Object Ownership in permission tab, with ACLs enabled and set to object writer, everything just fine now

Hope my experience can help you

1 Like