1

I have a web app that enables users to make posts that contain files, these files are hosted using AWS S3 Buckets. (I'm using Node.js + Express)

Users can successfully post files and retrieve them, but the problem relies in deleting a file, as I get an "Access Denied" response.

Although when I created the S3 Bucket, I've allowed the Put, Get, and Delete permissions. And to verify that, I've copied the JSON from access-policy section:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": "arn:aws:s3:::saud-demo-bucket/*"
        }
    ]
}

And to also verify that the credentials and the data passed in my node.js app are correct, I've placed console.log() statements to see the data passed into the getFileFromS3() function and the deleteFileFromS3() function:

Get file from S3 Bucket:

async function getFileFromS3(req) {

  console.log("REQ.QUERY.S3FILENAME IN GET FUNCTION IS:");
  console.log(req.query.s3FileName);

  const params = {
    Bucket: bucketName,
    Key: req.query.s3FileName,
  };

  const command = new GetObjectCommand(params);
  const file = await s3.send(command);

  if (file.$metadata.httpStatusCode === 200) {
    console.log("File retreived successfully!");
    return {
      success: true,
      file,
    };
  } else {
    console.log("Error retreiving file ..");
    return {
      err: true,
      file,
    };
  }
}

Delete file from S3 Bucket:

async function deleteFileFromS3(req) {
  console.log("REQ.QUERY.S3FILENAME IN DELETE FUNCTION IS:");
  console.log(req.query.s3FileName);

  const params = {
    Bucket: bucketName,
    Key: req.query.s3FileName,
  };

  const command = new DeleteObjectCommand(params);
  const result = await s3.send(command);

  if (result.$metadata.httpStatusCode === 200) {
    console.log("File deleted successfully!");
    return true;
  } else {
    console.log("Error deleting file ..");
    return false;
  }
}

Terminal Output:

[nodemon] starting `node server/server.js`
Listening ...
Connected to database successfully!
REQ.QUERY.S3FILENAME IN GET FUNCTION IS:
5e55c3065c73e828dfe2a5e1c1cf777f8ad9235b8cf3dbbcf6572f03979b32cb.docx
File retreived successfully!
REQ.QUERY.S3FILENAME IN DELETE FUNCTION IS:
5e55c3065c73e828dfe2a5e1c1cf777f8ad9235b8cf3dbbcf6572f03979b32cb.docx
(node:15800) UnhandledPromiseRejectionWarning: AccessDenied: Access Denied
    at throwDefaultError (C:\Users\user\Desktop\Folders\Dev\Web\Projects\seu-students\node_modules\@aws-sdk\smithy-client\dist-cjs\default-error-handler.js:8:22)

I don't have experience in s3 buckets, and I haven't messed with something at all, I just followed a tutorial on how to do so.

So how can I tackle this issue?

Saud Alghamdi
  • 149
  • 1
  • 9
  • Looks like this is IAM permission issue. Similar question has already raised. You can check this thread. https://stackoverflow.com/questions/39620873/why-is-my-access-denied-on-s3-using-the-aws-sdk-for-node-js – Raj Paliwal Mar 17 '23 at 16:24

1 Answers1

0

I solved my problem by deleting then re-creating the IAM user (which in this case is my web app) who is accessing the S3 bucket.

Seems that I've done something wrong the first time I created the IAM user and attached the policies.

I'm following a tutorial so I might missed a step or something.

Saud Alghamdi
  • 149
  • 1
  • 9