javascript typescript amazon-s3 aws-sdk aws-sdk-js

AWS S3 CreatePresignedPost not generating some of the required fields

I'm trying to generate a presigned post to give the browser privileges to upload / delete a specific file from a bucket, but it seems the createPresignedPost is not generating some of the required fields. getSignedUrl works.

      const signedUrl = await new Promise<PresignedPost>( (resolve, reject) => {
        this.s3.createPresignedPost({
          Bucket: this.env.config.s3.buckets.images,
          Fields: { key },
          Conditions: [
            ["content-length-range", 0, 10 * 1024 * 1024]
          ],
          Expires: 3600,
        }, (err, preSigned) => { if (err) { reject(err) } else { resolve(preSigned) }});
      });

      // This works, but doesn't allow the object to be deleted, and does not allow setting a maximum file size
      //
      // const rawUrl = new URL(await this.s3.getSignedUrlPromise('putObject', {
      //     Bucket: this.env.config.s3.buckets.images,
      //     Key: key,
      //     Expires: 3600,
      // }));
      //
      // const signedUrl = {
      //   url: rawUrl.origin + rawUrl.pathname,
      //   fields: Object.fromEntries(Array.from(rawUrl.searchParams.entries()))
      // };

The createPresignedPost generates:

{ 
  url: 'https://s3.eu-west-3.amazonaws.com/xxx-images',
  fields: { 
    key: 'incoming/ae83pfxu7kf4dfdv4hbvorsxq31hadtjcp97ehwt30ds5',
    bucket: 'xxx-images',
    'X-Amz-Algorithm': 'AWS4-HMAC-SHA256',
    'X-Amz-Credential': 'xxx',
    'X-Amz-Date': '20200509T145014Z',
    Policy:    
 'eyJleHBpcmF0aW9uIjoiMjAyMC0wNS0wOVQxNTo1MDoxNFoiLCJjb25kaXRpb25zIjpbWyJjb250ZW50LWxlbmd0aC1yYW5nZSIsMCwxMDQ4NTc2MF0seyJrZXkiOiJpbmNvbWluZy9hZTgzcGZ4dTdrZjRkZmR2NGhidm9yc3hxMzFoYWR0amNwOTdlaHd0MzBkczUifSx7ImJ1Y2tldCI6InByZWZsaWdodGVtYWlsLWltYWdlcyJ9LHsiWC1BbXotQWxnb3JpdGhtIjoiQVdTNC1ITUFDLVNIQTI1NiJ9LHsiWC1BbXotQ3JlZGVudGlhbCI6IkFLSUE1RE5UN0lOWjJKTU5TQVhILzIwMjAwNTA5L2V1LXdlc3QtMy9zMy9hd3M0X3JlcXVlc3QifSx7IlgtQW16LURhdGUiOiIyMDIwMDUwOVQxNDUwMTRaIn1dfQ==',
    'X-Amz-Signature': 'xxx' } }

Trying to PUT a file with those parameters gives:

<?xml version="1.0" encoding="UTF-8"?>
<Error>
  <Code>AuthorizationQueryParametersError</Code>
  <Message>Query-string authentication version 4 requires the X-Amz-Algorithm, X-Amz-Credential, X-Amz-Signature, X-Amz-Date, X-Amz-SignedHeaders, and X-Amz-Expires parameters.</Message> 
 <RequestId>xxx</RequestId> 
 <HostId>xxx</HostId>
</Error>

The older API call generates the missing 'X-Amz-SignedHeaders', and 'X-Amz-Expires' parameters too.

Can anyone help me in what am I doing wrong?

Solution

You should use POST instead of PUT since you are using createPresignedPost to generate the URL.