fastlane-community
Informational: AWS S3 The bucket does not allow ACLs
I figured I'd post this here for anybody else that runs into a similar issue to find.
If you are encountering an error when uploading objects to S3, and your destination bucket either has ACLs disabled (a current best practice) or a policy set that restricts which canned ACLs can be placed on a bucket or bucket object, you'll want to make sure that your fastfile configures the acl appropriately. The error message you'd most likely see if ACLs are disabled is:
The bucket does not allow ACLs
To fix it, you need to configure the relevant bucket(s) in the fastfile to either pass in the expected ACL string (bucket-owner-full-control) or an empty string. This plugin defaults to public-read when the acl argument is omitted entirely, and that causes calls to ACL-disabled buckets to fail.
As the code currently stands, for ACL-disabled buckets, the following should either work or not work:
Should work
aws_s3(
...
acl: '',
...
)
aws_s3(
...
acl: 'bucket-owner-only',
...
)
Should not work
aws_s3(
...
acl: 'public-read',
...
)
aws_s3(
...
# acl argument omitted
...
)
Whether the above will work also depends on the bucket policy on the bucket and any potential SCPs or IAM Role-based policies you may have.
Related:
- https://github.com/fastlane-community/fastlane-plugin-s3/issues/76#issuecomment-2313222357
@jonnyggao - I almost can't believe this actually worked. I'm curious, what search terms did you use to turn it up?
Edit:
can't believe this actually worked
The part where somebody found it and found it useful. 😄
This fixed it, should be added to the README!
Thanks a lot! 👍
@miguel-cardoso-mindera - Considering this repo hasn't been touched in ~3 years, I doubt that will happen.