Can’t setup S3 For CDN

  • Resolved jjopllin

    (@jjopllin)


    3 years, 3 months ago

    Can’t use S3 for a CDN with W3 Total Cache.
    General Settings have CDN Enabled for Amazon Simple Storage Services (S3). I’ve created a User and set access in the CDN tab with access,secret key and bucket name. Setup IAM user with keys that worked fine when I use it with ‘s3cmd’ to copy files to S3. Here’s the JSON:

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1339423675421",
            "Action": [
                "s3:DeleteObject",
                "s3:Get*",
                "s3:Put*"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::hellhippie",
                "arn:aws:s3:::hellhippie/*"           ]
        },
        {
            "Sid": "Stmt1339423675422",
            "Action": "s3:List*",
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

    However, when I try the Test S3 Upload, I get the error below. It looks like it is trying to set an ACL on the uploaded file however this should be enabled in the Put* allow in the JSON.

    Error: Error executing "PutObject" on "https://hellhippie.s3.us-west-1.amazonaws.com/test_s3_b75769090c596cc8e12d048908673bd6"; AWS HTTP error: Client error:PUT https://hellhippie.s3.us-west-1.amazonaws.com/test_s3_b75769090c596cc8e12d048908673bd6resulted in a400 Bad Request` response: AccessControlListNotSupportedThe bucket does not all (truncated…) AccessControlListNotSupported (client): The bucket does not allow ACLs – AccessControlListNotSupported

    The page I need help with: [log in to see the link]

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @jjopllin

    Thank you for reaching out and I am happy to assist you with this.
    Can you please check the bucket access status? It should be set to “Objects can be public”.
    Let me know if this helps!
    Thanks!

    Thread Starter jjopllin

    (@jjopllin)

    The bucket is set to Public with the permissions below:

    Name AWS Region Access
    hellhippie US West (N. California) us-west-1 Public

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Allow Public GetObject Access",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": [
                "arn:aws:s3:::hellhippie",
                "arn:aws:s3:::hellhippie/*"
            ]
        }
    ]
}
    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @jjopllin

    I’ve made some tests and created a bucket via W3TC>CDN settings.
    You should make sure to check ACLs configuration.
    Thanks!

    Thread Starter jjopllin

    (@jjopllin)

    “Create as new bucket” also fails. So I created the bucket in S3 and gave it the permissions above. It looks like the api is trying to set files to public_read and that is failing.

    The PutObjectACL is included in the user’s permissions, so I’m stuck at this point.

    Any ideas what is causing the error?

    Thread Starter jjopllin

    (@jjopllin)

    In the Object Ownership tab for Permissions on the bucket, the “ACLs enabled” needs to be checked. The default is No ACLs, thus when the IAM user tries to upload a file and set it’s ACL, it will fail unless Object Ownership as ACLS enabled.

    Seems to be working now, thanks for articles – it was clear from the articles that it was something about the ownership of the bucket that was off.

    Plugin Contributor Marko Vasiljevic

    (@vmarko)

    Hello @jjopllin

    Thank you for the information.
    You are most welcome and I am glad the problem is resolved now.
    Thanks!

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Can’t setup S3 For CDN’ is closed to new replies.

Tags