Devin
01/19/2022, 11:05 PMDevin
01/19/2022, 11:10 PM.csv
to an S3 Bucket. I am running into a problem that’s a little opaque to me and don’t know how to solve.
I’m using Amplify for auth and I am fairly confident that’s set up correctly.
Amplify.configure({
API: {
endpoints: [
{
name: "customers",
endpoint: config.apiGateway.URL,
region: config.apiGateway.REGION,
},
],
},
Auth: {
mandatorySignIn: true,
region: config.cognito.REGION,
userPoolId: config.cognito.USER_POOL_ID,
identityPoolId: config.cognito.IDENTITY_POOL_ID,
userPoolWebClientId: config.cognito.APP_CLIENT_ID,
},
Storage: {
region: config.s3.REGION,
bucket: config.s3.BUCKET,
},
});
My code for the input is:
const stored = await Storage.vault.put("cool-file", file, {
contentType: file.type,
});
In my Stack I’m set up in a similar way to the Notes tutorial
const bucket = new sst.Bucket(this, "ComicsHelperBucket", {
s3Bucket: {
cors: [
{
maxAge: 3000,
allowedOrigins: ["*"],
allowedHeaders: ["*"],
allowedMethods: ["GET", "PUT", "POST", "DELETE", "HEAD"],
},
],
// Delete all the files
autoDeleteObjects: true,
// Remove the bucket when the stack is removed
removalPolicy: RemovalPolicy.DESTROY,
},
notifications: ...
The primary difference between my app and the Notes app is that I’m using Amplify for auth and login components. So maybe I need to add the Bucket to the auth? It seems like it should work…
Gah--- It’s probably that I didn’t attach permission
import * as iam from "@aws-cdk/aws-iam";
// later
new iam.PolicyStatement({
actions: ["s3:*"],
effect: iam.Effect.ALLOW,
resources: [
bucket.bucketArn + "/private/${<http://cognito-identity.amazonaws.com:sub|cognito-identity.amazonaws.com:sub>}/*",
],
}),
Frank