I am trying to upload a mp3 file to my S3 bucket. I read somewhere that the best way is to upload the file directly from the html form to S3 without going through The server pipes. But I want to know: Is this method safe? For security reasons, do you need a server, such as application access keys, etc.?
In addition, I found it difficult to make it work. I think the official explanation is not very detailed.
I am following this guide: http://docs.aws. amazon.com/AmazonS3/latest/API/sigv4-post-example.html This is the official guide. I’m not sure I am doing it right. Can you tell me this is the right way and what I did wrong:
1. I fill in a Policy object
{ "expiration": "2015-12-30T12:00:00.000Z",
"conditions" : [
{"bucket": "sigv4examplebucket"},
["starts-with", "$key", "user/user1/"],
{"acl": " public-read"},
{"success_action_redirect": "http://sigv4examplebucket.s3.amazonaws.com/successful_upload.html"},
["starts-with", "$Content-Type ", "image/"],
{"x-amz-meta-uuid": "14365123651274"},
{"x-amz-server-side-encryption": "AES256"},
["starts-with", "$x-amz-meta-tag", ""],
{"x-amz-credential": "AKIAIOSFODNN7EXAMPLE/20151229/us- east-1/s3/aws4_request"},
{"x-amz-algorithm": "AWS4-HMAC-SHA256"},
{"x-amz-date": "20151229T000000Z" }< br /> ]
}
>What is “x-amz-meta-uuid” and where can I find it?
>What do I write in the “x-amz-credential” node?
2. My base64 encoding strategy object
3. I use the upload form to create HTML pages