Call S3 pre-signed URL with postman

amazon-web-services amazon-s3 postman pre-signed-url

10,746

Solution 1

I was able to get this working in Postman using a POST request. Here are the details of what worked for me. When I call my lambda to get a presigned URL here is the json that comes back (after I masked sensitive and app-specific information):

{
    "attachmentName": "MySecondAttachment.docx",
    "url": "https://my-s3-bucket.s3.amazonaws.com/",
    "fields": {
        "acl": "public-read",
        "Content-Type": "multipart/form-data",
        "key": "attachment-upload/R271645/65397746_MySecondAttachment.docx",
        "x-amz-algorithm": "AWS4-HMAC-SHA256",
        "x-amz-credential": "WWWWWWWW/20200318/us-east-1/s3/aws4_request",
        "x-amz-date": "20200318T133309Z",
        "x-amz-security-token": "XXXXXXXX",
        "policy": "YYYYYYYY",
        "x-amz-signature": "ZZZZZZZZ"
    }
}

In Postman, create a POST request, and use “form-data” to enter in all the fields you got back, with exactly the same field names you got back in the signedURL shown above. Do not set the content type, however. Then add one more key named “file”:

To the right of the word file if you click the drop-down you can browse to your file and attach it:

In case it helps, I’m using a lambda written in python to generate a presigned URL so a user can upload an attachment. The code looks like this:

signedURL = self.s3.generate_presigned_post(
    Bucket= "my-s3-bucket",
    Key=putkey,
    Fields = {"acl": "public-read", "Content-Type": "multipart/form-data"},
    ExpiresIn = 15,
    Conditions = [
        {"acl": "public-read"},
        ["content-length-range", 1, 5120000]
        ]
    )

Hope this helps.

Solution 2

Your pre-signed url should be like https://bucket-name.s3.region.amazonaws.com/folder/filename.jpg?AWSAccessKeyId=XXX&Content-Type=image%2Fjpeg&Expires=XXX&Signature=XXX

You can upload to S3 with postman by

Set above url as endpoint
Select PUT request,
Body -> binary -> Select file

Solution 3

Your pre-signed url should be like https://bucket-name.s3.region.amazonaws.com/folder/filename.jpg?AWSAccessKeyId=XXX&Content-Type=image%2Fjpeg&Expires=XXX&Signature=XXX

You can upload to S3 with postman by

Set above url as endpoint Select PUT request, Body -> binary -> Select file

10,746

Author by

user2149161

Updated on June 12, 2022

Comments

user2149161 almost 2 years
I am attempting to use a pre-signed URL to upload as described in the docs (https://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObject.html) I can retrieve the pre-signed URL but when I attempt to do a PUT in Postman, I receive the following error:
```
<Code>SignatureDoesNotMatch</Code>
<Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>
```
Obviously, the way my put call is structured doesn't match with the way AWS is calculating the signature. I can't find a lot of information on what this put call requires.

I've attempted to modify the header for Content-Type to multipart/form-data and application/octet-stream. I've also tried to untick the headers section in postman and rely on the body type for both form-data and binary settings where I select the file. The form-data setting results in the following added to the call:

Content-Disposition: form-data; name="thefiletosend.txt"; filename="thefiletosend.txt

In addition, I noticed that postman is including what it calls "temporary headers" as follows:

Host: s3.amazonaws.com Content-Type: text/plain User-Agent: PostmanRuntime/7.13.0 Accept: / Cache-Control: no-cache Postman-Token: e11d1ef0-8156-4ca7-9317-9f4d22daf6c5,2135bc0e-1285-4438-bb8e-b21d31dc36db Host: s3.amazonaws.com accept-encoding: gzip, deflate content-length: 14 Connection: keep-alive cache-control: no-cache

The Content-Type header may be one of the issues, but I'm not certain how to exclude these "temporary headers" in postman.

I am generating the pre-signed URL in a lambda as follows:
```
    public string FunctionHandler(Input input, ILambdaContext context)
    { 
        _logger = context.Logger;
        _key = input.key;
        _bucketname = input.bucketname;

        string signedURL = _s3Client.GetPreSignedURL(new GetPreSignedUrlRequest()
        {
            Verb = HttpVerb.PUT ,
            Protocol = Protocol.HTTPS,
            BucketName = _bucketname,
            Key = _key,
            Expires = DateTime.Now.AddMinutes(5)
        });

        returnObj returnVal = new returnObj() { url = signedURL };

        return JsonConvert.SerializeObject(returnVal);

    }
```
Kishore Bandi about 3 years

The problem of using form based upload is it modifies the file being uploaded and appends these additional values. ----------------------------32452463456766 Content-Disposition: form-data; name="file"; filename="employee.csv" Content-Type: text/csv
Mercurial over 2 years

Thanks! I was adding the file as a form-data parameter which made the image file corrupted.
Hieu Thai almost 2 years

My problem with this approach is this: Using form upload modify the content type as Content-Type binary/octet-stream. While using the binary upload keep the content type of the file. What it may affect: When you upload a picture and you want to render this picture, the content-type binary/octet-stream will prevent you from rendering it correctly