Backend: Cognito and S3.
Frontend: React with aws-amplify.
Basic functionality works. I now need fine grained access control over directories in the S3 bucket. e.g. user-test can only access files in s3::my-bucket/user-test
The plan is to add user attributes (Principal Tag Attributes for access control) to the Federated Identity, which can be referenced on a per user basis in the Authorising Policy. However, the Amplify Storage component(s) break with ANY user attributes.
Any Storage request (list, get, put... ) returns this error:
AWSS3Provider - get signed url error TypeError: Cannot read properties of undefined (reading 'byteLength')
Uncaught (in promise) TypeError: Cannot read properties of undefined (reading 'byteLength')
at isEmptyData (isEmptyData.ts:11)
at Sha256.update (webCryptoSha256.ts:32)
at Sha256.update (crossPlatformSha256.ts:23)
at hmac (credentialDerivation.ts:69)
at credentialDerivation.ts:39
at step (tslib.es6.js:100)
at Object.next (tslib.es6.js:81)
at tslib.es6.js:74
at new Promise (<anonymous>)
at __awaiter (tslib.es6.js:70)
at getSigningKey (credentialDerivation.ts:37)
at SignatureV4.getSigningKey (SignatureV4.ts:307)
at SignatureV4.<anonymous> (SignatureV4.ts:153)
at step (tslib.es6.js:100)
at Object.next (tslib.es6.js:81)
at fulfilled (tslib.es6.js:71)
I suspect my use case is beyond the scope of aws-amplify, what should I use instead?
