mralanlee

Reputation: 489

AWS S3 SDK - Copy Versioned Object into same bucket

Following this method mentioned by AWS, I am trying to create an API that would allow me to roll back to previous versions with a Lambda function that will be hooked up to API Gateway. I will need the object, specified by version ID, to overwrite the existing object in the same bucket.

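const AWS = require('aws-sdk'); // AWS SDK for JavaScript v2 (provides .promise())
const s3 = new AWS.S3();
// s3bucket (the bucket name) is defined elsewhere in the function's code.

// Promise wrapper around copyObject.
const copyObjectAsync = params => s3.copyObject(params).promise();
// Copy a specific version of the object over the current object with the same key.
const copyObjectParams = obj => ({
  Bucket: s3bucket,
  CopySource: `/${s3bucket}/${obj.objectkey}?versionId=${
    obj.versionId
  }`,
  Key: obj.objectkey,
  Tagging: `commit=${obj.commit}`,
});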

const revert = async req => {
  const result = await Promise.all(
    req.payload.map(obj => {
      const params = copyObjectParams(obj);
      return copyObjectAsync(params);
    })
  );

  return result;
};

However, I am not having any luck. I get the following response:

{
    "message": "Access Denied",
    "code": "AccessDenied",
    "region": null,
    "time": "2019-04-19T17:59:59.971Z",
    "statusCode": 403,
    "retryable": false,
    "retryDelay": 80.54565963302768
}

If I instead do a get object at a specific version and store that object in memory and then pass it through in putObject, it works fine.

Here is how my policies are set up:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:GetObjectTagging",
                "s3:GetObjectVersion",
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectTagging",
                "s3:PutObjectVersionTagging"
            ],
            "Resource": "*"
        }
    ]
}

Upvotes: 3

Views: 575

Answers (1)

necromos

Reputation: 442

It looks like you may lack s3:PutObjectAcl, as it is being set to private by default.

https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectCOPY.html states

When copying an object, you can preserve most of the metadata (default) or specify new metadata. However, the ACL is not preserved and is set to private for the user making the request.

Upvotes: 2
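
A small checker for debugging an AccessDenied like the one above: it reports which IAM actions a policy such as the one in the question does not grant, and which Allow statements use Resource "*". This is an added example, not code from either post or from the AWS SDK; the names auditActions and actionMatches and the candidate list (s3:GetObjectVersionTagging in particular) are assumptions for illustration, and only Action matching is evaluated.

```javascript
// Constructed copy of the identity policy shown in the question.
const policy = {
  Version: '2012-10-17',
  Statement: [{
    Sid: 'VisualEditor1',
    Effect: 'Allow',
    Action: [
      's3:GetObject', 's3:GetObjectTagging', 's3:GetObjectVersion', 's3:ListBucket',
      's3:PutObject', 's3:PutObjectTagging', 's3:PutObjectVersionTagging',
    ],
    Resource: '*',
  }],
};

const asArray = v => (Array.isArray(v) ? v : [v]);

// IAM action patterns are case-insensitive and may contain * and ? wildcards.
const actionMatches = (pattern, action) => {
  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, '\\$&');
  const re = escaped.replace(/\*/g, '.*').replace(/\?/g, '.');
  return new RegExp(`^${re}$`, 'i').test(action);
};

// Policy evaluation reduced to Action matching: an explicit Deny always wins,
// otherwise some Allow must match. Resource, Condition, NotAction and bucket
// policies are NOT evaluated here (hypothetical helper, not an AWS API).
function auditActions(doc, candidates) {
  const statements = asArray(doc.Statement);
  const hits = (effect, action) => statements.some(s =>
    s.Effect === effect && asArray(s.Action || []).some(p => actionMatches(p, action)));
  const missing = candidates.filter(a => hits('Deny', a) || !hits('Allow', a));
  const wildcardResource = statements
    .filter(s => s.Effect === 'Allow' && asArray(s.Resource || []).includes('*'))
    .map(s => s.Sid);
  return { missing, wildcardResource };
}

// Candidate actions to test (assumed list; the first is the one the answer names).
const candidates = [
  's3:PutObjectAcl',            // suggested by the answer
  's3:GetObjectVersionTagging', // assumed: reading the tags of a specific source version
  's3:GetObjectVersion',
  's3:PutObject',
  's3:PutObjectTagging',
];

console.log(auditActions(policy, candidates));
```

Any action reported as missing is only a candidate cause; confirm it against the denied request before widening the policy, and scope Resource to the bucket ARN rather than "*" when adding it.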
