In my server, I build a presigned S3 URL like this:
// Initialize a session in us-east-1 that the SDK will use to load
// credentials from the shared credentials file ~/.aws/credentials.
sess, err := session.NewSession(&aws.Config{
Region: aws.String("us-east-1")},
)
if err != nil {
// ...
}
// Create S3 service client.
svc := s3.New(sess)
// Create the S3 PutObject request.
resp, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String("REDACTED"),
Key: aws.String(key),
})
// Pre-sign the request to get a URL.
url, err := resp.Presign(20 * time.Second)
if err != nil {
// ...
}
In the browser, I make a PutObject
call to S3 using the presigned URL, like this (notice that I change the REDACTED.s3.amazonaws.com
URL to https://cdn.REDACTED.com
, which is my CloudFront endpoint:
http.get(`/get-presigned-url`).subscribe(
(url: string) => {
const s3Url = 'https://REDACTED.s3.amazonaws.com/';
const cloudfrontUrl = 'https://cdn.REDACTED.com/';
http.put(url.replace(s3Url, cloudfrontUrl), file).subscribe(...);
}
);
The browser gives me this error in return, a 400 Bad Request:
"
InvalidArgument
Only one auth mechanism allowed; only the X-Amz-Algorithm query parameter, Signature query string parameter or the Authorization header should be specifiedAuthorizationAWS REDACTED=REDACTED+REDACTED/REDACTED="
Any ideas what's up?