Cyberduck Mountain Duck CLI

#7356 closed defect (fixed)

S3 uploads fail when policy denies "s3:PutObjectAcl"

Reported by: petr tichý Owned by: dkocher
Priority: normal Milestone: 4.4
Component: s3 Version: 4.3.1
Severity: normal Keywords:
Cc: Architecture: Intel
Platform: Mac OS X 10.8

Description

Maybe Cyberduck should not include the x-amz-acl and x-amz-storage-class headers in PUT object by default, because the user might not be able to manipulate the ACL and the upload will fail. Either set the ACL afterwards in different request, or make the defaults key "s3.key.acl.default" and "s3.location" optional.

Change History (5)

comment:1 Changed on Jul 19, 2013 at 4:20:39 PM by dkocher

  • Milestone set to 4.4
  • Status changed from new to assigned

comment:2 Changed on Jul 21, 2013 at 9:45:15 PM by dkocher

Unfortunately this would triple the protocol overhead.

comment:3 follow-up: Changed on Jul 22, 2013 at 8:58:38 AM by petr tichý

What about adding a "default" option to the selector in preferences that makes it not to send these headers?

comment:4 in reply to: ↑ 3 Changed on Jul 23, 2013 at 12:37:48 PM by dkocher

Replying to petr tichý:

What about adding a "default" option to the selector in preferences that makes it not to send these headers?

With r12205 the ACL headers are only sent when Change Permissions is checked in Preferences → Transfers → Permissions → Change permissions.

comment:5 Changed on Jul 23, 2013 at 2:54:39 PM by dkocher

  • Resolution set to fixed
  • Status changed from assigned to closed

In r12214. Set ACLs in post upload only if Change Permissions is selected in Preferences → Upload. Only set storage class when set to other than STANDARD.

Note: See TracTickets for help on using tickets.
swiss made software