How do I upload a file into a protected s3 bucket

2019-08-21 11:47发布

问题:

I have an AWS mobile hub project and am attempting to upload a file into the protected folder of the autogenerated bucket.

S3 Bucket

  • private
  • protected
  • public
  • uploads

I am using the AWSS3TransferUtility to upload files currently after my user has authenticated. I looked at the docs and the website left inside the folders upon creation. They have setup the permissions to protect the data in different ways in different folders. I was able to upload files to the uploads folder with no problem. I then tried to upload to the private and protected folder and received an authorized 403 from the API call. I checked into the permissions on the bucket through IAM.

Example from IAM

BucketName | string like | appname-userfiles-mobilehub-1213213213, ObjectPath | string like | private/${cognito-identity.amazonaws.com:sub}/*

So I have deduced the key for upload must include the cognito-identity in the key. How do I get the current user's cognito-identity such that it will match and allow me to upload my files to S3 while ensuring their data protection integrity?

回答1:

I had the AWSIdentifyManager to pull the user id.

// start of upload code
let transferUtility = AWSS3TransferUtility.default()
let user = AWSIdentityManager.default().identityId
let newKey = "protected/"+user!+"/"+fileURL.lastPathComponent

 transferUtility.uploadData(
     data,
     bucket: "appbucket-name",
     key: newKey,
      contentType: "text/plain",
 ...
 //rest of code from the docs