Do not add "x-amz-acl": "public-read"
to the header when uploading artefacts to S3 bucket
#1822
Labels
Comments
Cannot agree because for most users it is what we should do. Because we cannot complicate documentation and ask to do some additional steps. |
well, please at least make an option to disable that behaviour, thank you |
19.16.0 — you can set acl to null to disable adding. Will be released today. |
@romanrev Released. Please check. |
thanks, much appreciated for your speedy resolution of the issue! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We have to allow the
s3:PutObjectAcl
in the IAM policy for theelectron-builder
to be able to successfully upload the artefacts to the S3 bucket, since it always adds a header"x-amz-acl": "public-read"
with each upload request - trying to mark every object it uploads to the bucket as publicly readable.I suggest that this behaviour should be optional - and not the default one, since one can also achieve the same effect with appropriately crafted S3 bucket policy - which we actually prefer to.
Another use case is when an S3 bucket with the built artefacts should not be publicly accessible at all.
The text was updated successfully, but these errors were encountered: