Open iamogbz opened 6 months ago
Failure while deploying build using aws-spa
aws-spa
[S3] ✏️ Allow public read to "s3.bucket.domain"... 💥 Access Denied
Reason due to initial bucket creation having the Block public access (bucket settings) - All setting enabled.
Block public access (bucket settings) - All
Can be fixed by adding a remove block public access step before the allow public read bucket policy update.
export const setBucketPolicy = async (bucketName: string) => { logger.info(`[S3] ✏️ Allow public read to "${bucketName}"...`); // remove public access block await s3 .putPublicAccessBlock({ Bucket: bucketName, PublicAccessBlockConfiguration: { BlockPublicAcls: false, IgnorePublicAcls: false, BlockPublicPolicy: false, RestrictPublicBuckets: false, }, }) .promise(); // allow public reads return s3 .putBucketPolicy({ Bucket: bucketName, Policy: JSON.stringify({ Statement: [ { Sid: "AllowPublicRead", Effect: "Allow", Principal: { AWS: "*", }, Action: "s3:GetObject", Resource: `arn:aws:s3:::${bucketName}/*`, }, ], }), }) .promise(); };
at
https://github.com/lalalilo/aws-spa/blob/6031af3838ea23e07759e3a3eafe93e8f38cea12/src/s3.ts#L117-L137
Should be resolved by: https://github.com/lalalilo/aws-spa/pull/58
Failure while deploying build using
aws-spa
Reason due to initial bucket creation having the
Block public access (bucket settings) - All
setting enabled.Can be fixed by adding a remove block public access step before the allow public read bucket policy update.
at
https://github.com/lalalilo/aws-spa/blob/6031af3838ea23e07759e3a3eafe93e8f38cea12/src/s3.ts#L117-L137