Share

Question

Using the ruby aws-sdk gem, presigned post uploads work correctly with AWS S3 proper and fail when attempting on Spaces. So there is some kind of non-interoperability going on.

I setup everything following this guide, https://devcenter.heroku.com/articles/direct-to-s3-image-uploads-in-rails

It’s failing with this error:

<Error> 
    <Code>InvalidArgument</Code> 
    <Message>Missing access key</Message> 
    <BucketName>bucket</BucketName> 
    <RequestId>tx0000000000000000...</RequestId> 
    <HostId>1d183-nyc3a-nyc</HostId> 
</Error>

Again, the code works with S3, fails with Spaces. Has anyone got this to work?

Answer 1

PDGBen October 6, 2017

Here is a working example using the aws-sdk-v1 gem, which is required until Spaces supports v4 signatures.

class FoobarController < ApplicationController
  layout false

  def index
    AWS.config(
      access_key_id: 'ACCESS_KEY_ID',
      secret_access_key: 'SECRET_ACCESS_KEY',
      s3_endpoint: 'nyc3.digitaloceanspaces.com',
      region: 'ny3'
    )

    bucket = AWS::S3.new.buckets['BUCKET-NAME']
    @s3_direct_post = bucket.presigned_post(
      key: "uploads/#{SecureRandom.uuid}/${filename}",
      success_action_status: '201',
      acl: 'public-read',
      content_type: ''
    )
  end
end

<%= form_tag(@s3_direct_post.url.to_s, enctype: 'multipart/form-data', authenticity_token: false, enforce_utf8: false) do %>
    <% @s3_direct_post.fields.each do |field, value| %>
        <%= hidden_field_tag field, value %>
    <% end %>
    <%= file_field_tag :file %>
    <%= submit_tag 'Upload' %>
<% end %>

Reply

Answer 2

PDGBen October 4, 2017

I found this post on the DigitalOcean UserVoice, which answers why. Presigned POST with the v4 signature does not work, you must use the v2 signature. I’ve yet to find a way to force the aws-sdk gem to use the v2 signature so I’ll be waiting for v4 support.

https://digitalocean.uservoice.com/forums/136585-digitalocean/suggestions/31523221-spaces-api-support-presigned-upload-urls-like-tho

Reply

Answer 3

johngannon MOD January 4, 2018

@PDGBen we now have v4 support in NYC3, and soon will have the same in AMS3. HTH

Reply

zaimlvmry January 23, 2018

Always get SignatureDoesNotMatch using v2 or v4 presigned url in NYC3
- Mowijo September 13, 2019
  
  And fra1 too. Still.

Answer 4

zaimlvmry January 23, 2018

Always get SignatureDoesNotMatch using v2 or v4 presigned url in NYC3
- Mowijo September 13, 2019
  
  And fra1 too. Still.

Answer 5

zaimlvmry January 23, 2018

[deleted]

Reply

Answer 6

hve October 23, 2018

Please let me know if DigitalOcean supports the “Policy” and “X-Amz-Signature” headers? (AWS V4) TIA.

Reply

Spaces Presigned POST

Leave a Comment

Share

Share your Question

Spaces Presigned POST

Leave a Comment

Related

question

Can i set a CNAME rules for my Spaces Storag such as S3 ?

question

How to restrict object access to only certain origins through CORS policy in Spaces?

question

rate limiting on Spaces?

question

How to move entire bucket from S3 to DigitalOcean Spaces?

Almost there!