Cyberduck
Mountain Duck
CLI#7356 closed defect (fixed)
S3 uploads fail when policy denies "s3:PutObjectAcl"
| Reported by: | petr tichý | Owned by: | dkocher |
|---|---|---|---|
| Priority: | normal | Milestone: | 4.4 |
| Component: | s3 | Version: | 4.3.1 |
| Severity: | normal | Keywords: | |
| Cc: | Architecture: | Intel | |
| Platform: | Mac OS X 10.8 |
Description
Maybe Cyberduck should not include the x-amz-acl and x-amz-storage-class headers in PUT object by default, because the user might not be able to manipulate the ACL and the upload will fail. Either set the ACL afterwards in different request, or make the defaults key "s3.key.acl.default" and "s3.location" optional.
Change History (5)
comment:1 Changed on Jul 19, 2013 at 4:20:39 PM by dkocher
- Milestone set to 4.4
- Status changed from new to assigned
comment:2 Changed on Jul 21, 2013 at 9:45:15 PM by dkocher
comment:3 follow-up: ↓ 4 Changed on Jul 22, 2013 at 8:58:38 AM by petr tichý
What about adding a "default" option to the selector in preferences that makes it not to send these headers?
comment:4 in reply to: ↑ 3 Changed on Jul 23, 2013 at 12:37:48 PM by dkocher
Replying to petr tichý:
What about adding a "default" option to the selector in preferences that makes it not to send these headers?
With r12205 the ACL headers are only sent when Change Permissions is checked in Preferences → Transfers → Permissions → Change permissions.
comment:5 Changed on Jul 23, 2013 at 2:54:39 PM by dkocher
- Resolution set to fixed
- Status changed from assigned to closed
In r12214. Set ACLs in post upload only if Change Permissions is selected in Preferences → Upload. Only set storage class when set to other than STANDARD.
Unfortunately this would triple the protocol overhead.