Space bucket with ACL issues

Hello community!

I was following several topics all around the internet, but starting by this one :

For background info:

  • I’m developing a PHP 8 API that use s3client.
  • This API is used to generate a preSigned URL to “PutObject” with ACL ‘public-read’

Issue 1: If I upload a document without specifying the ACL then it’s not accessible in read only by unknown users.

Issue 2: If I put ACL attribute in URL generation, then I’m getting a “SignatureDoesNotMatch” as response.

I’m a bit lost on this topic… Any help would be very appreciated

Here is some code I’m using :

private function generatePreSignedURL($type, $extension): string
    $data = [
        'credentials' => [
            'key'    => $this->awsKey,
            'secret' => $this->awsSecret,
        ],        'region' => $this->awsRegion,
        'version' => 'latest',
        'use_path_style_endpoint' => false,
    if ($this->awsEndpoint) {
        $data['endpoint'] = $this->awsEndpoint;
    $s3Client = new S3Client($data);
    $cmdArgs = [
        'Bucket' => $this->awsBucket,
        'Key' => $this->generateKeyObject($type, $extension), // Defines in which folder the file will be stored
        'ACL' => 'public-read' // If I remove this, upload works... But unable to read

    $cmd = $s3Client->getCommand('PutObject', $cmdArgs);
    $request = $s3Client->createPresignedRequest($cmd, $this->awsUrlLifeTime);

    return (string) $request->getUri();

And here is the policy.json file i’ve uploaded to my bucket :

  "Version": "2012-10-17",
  "Statement": [
      "Sid": "PublicRead",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
      "Resource": "arn:aws:s3:::the-bucket/*"

Where am I missing something? :D

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel