Reputation: 39
Error with aws ruby sdk S3: `Aws::S3::Errors::AccessControlListNotSupported`
I've image upload functionality and using active storage with S3. The bucket is private and while uploading image facing issue: Aws::S3::Errors::AccessControlListNotSupported.
My configuration in the model is:
has_attached_file :image, { storage: :s3, original: 'private', s3_protocol: 'https', s3_credentials: { bucket: ENV['XXXX_XXX_BUCKET'], s3_host_name: ENV['S3_HOST_NAME'], access_key_id: ENV['AWS_ACCESS_KEY_ID'], secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'], s3_region: ENV['S3_REGION'] }, url: "/templates/:user_id/:basename.:extension", path: "templates/:user_id/:basename.:extension", default_url: nil }
Any thoughts?
Upvotes: 0
Views: 736
Answers (1)
Reputation: 447
Relatively recently (Nov 2021), Amazon allows buckets to exist without ACL object rules.
Amazon document reference: https://aws.amazon.com/about-aws/whats-new/2021/11/amazon-s3-object-ownership-simplify-access-management-data-s3/
You didn't provide an example of your Ruby code, so I can only assume you're setting acl in your put_object() call on a bucket that has object ACL's disabled.
I'm not familiar with the Ruby-specific SDK, but chances are you're either trying to set the object ACL on a bucket that does not allow object ACL's OR the Ruby SDK is not updated to support buckets with ACL's disabled (This is relatively new, see above)
There are two routes you can take to get past your issue:
- (recommended method) Tweak your code to not supply acl, or use an SDK version that supports this new type of bucket setting without an object owner ACL.
Again, you didn't post your code, but ensure you're trying like this:
resp = client.put_object({
body: "filetoupload",
bucket: "examplebucket",
key: "objectkey",
})
Not like this:
resp = client.put_object({
acl: "some-acl",
body: "filetoupload",
bucket: "examplebucket",
key: "objectkey",
})
OR
- Enable ACL's on the bucket. From the console, go to
bucket -> permissions -> object ownershipsection of the console and enable ACL. Ensure you are aware of the implications of doing so, however that's out of scope for this question.
Upvotes: 0
Related Questions
- I have full S3 permissions, confirmed with simulator, but getting an access denied using AWS S3 SDK for Rails
- Aws::S3::Errors::AccessDenied: Access Denied
- Aws::ElasticTranscoder::Errors::AccessDeniedException
- Aws::S3::Errors::AccessDenied when trying to write using rails apps
- Error after configuring aws
- Aws::S3 undefined method 'with_prefix' on a ::Resource
- Amazon S3: set permissions using aws-sdk-ruby
- AWS::S3::Errors::NoSuchKey: No Such Key error
- AWS::S3::Errors::InvalidAccessKeyId
- Rails 3 and AWS::S3 Ruby Gem