Do not add "x-amz-acl": "public-read"
to the header when uploading artefacts to S3 bucket
#1822
Labels
"x-amz-acl": "public-read"
to the header when uploading artefacts to S3 bucket
#1822
We have to allow the
s3:PutObjectAcl
in the IAM policy for theelectron-builder
to be able to successfully upload the artefacts to the S3 bucket, since it always adds a header"x-amz-acl": "public-read"
with each upload request - trying to mark every object it uploads to the bucket as publicly readable.I suggest that this behaviour should be optional - and not the default one, since one can also achieve the same effect with appropriately crafted S3 bucket policy - which we actually prefer to.
Another use case is when an S3 bucket with the built artefacts should not be publicly accessible at all.
The text was updated successfully, but these errors were encountered: