It is possible to use JavaScript APIs to upload objects to S3 and it is possible to have a fine-grain authorization using IAM policies. For instance, see this policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": [
"arn:aws:s3:::YOUR_BUCKET_NAME/*"
],
"Effect": "Allow"
},
]
}It is possible to use JavaScript APIs to upload objects to S3 and it is possible to have a fine-grain authorization using IAM policies. For instance, see this policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": [
"arn:aws:s3:::YOUR_BUCKET_NAME/*"
],
"Effect": "Allow"
},
]
}inspired from their tutorial which allows to put objects into the bucket YOUR_BUCKET_NAME. However it is not clear to me whether it is possible to limit the number of objects and the size of each objects one can upload. I have checked into the list of contitions, but I didn't find anything useful on this.
2 Answers
Reset to default 4Is it possible to limit the number of objects and the size of each object one can upload to S3? In general, no. You cannot do this through any kind of bucket policy.
You can, however, limit an individual object upload size from browsers using a pre-signed POST URL with a policy indicating a content-length-range.
Alternatively, you could code this restriction into your JS client or a server that proxies your uploads.
See JS examples and a discussion of policies and a related response on restricting object size via POST.
In reply to the title "Can I limit the size of an object put into S3 via the JavaScript API?"
Yes you can. But instead of using IAM, use createPresignedPost. In Conditions specify a maximum content-length-range.