New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not add ` "x-amz-acl": "public-read"` to the header when uploading artefacts to S3 bucket #1822

Closed
romanrev opened this Issue Jul 12, 2017 · 5 comments

Comments

Projects
None yet
2 participants
@romanrev

romanrev commented Jul 12, 2017

  • Version: 18.3.0
  • Electron-Updater: 2.0.0
  • Target: OSX/Windows

We have to allow the s3:PutObjectAcl in the IAM policy for the electron-builder to be able to successfully upload the artefacts to the S3 bucket, since it always adds a header "x-amz-acl": "public-read" with each upload request - trying to mark every object it uploads to the bucket as publicly readable.
I suggest that this behaviour should be optional - and not the default one, since one can also achieve the same effect with appropriately crafted S3 bucket policy - which we actually prefer to.
Another use case is when an S3 bucket with the built artefacts should not be publicly accessible at all.

@develar

This comment has been minimized.

Member

develar commented Jul 12, 2017

and not the default one

Cannot agree because for most users it is what we should do. Because we cannot complicate documentation and ask to do some additional steps.

@romanrev

This comment has been minimized.

romanrev commented Jul 12, 2017

well, please at least make an option to disable that behaviour, thank you

@develar

This comment has been minimized.

Member

develar commented Jul 12, 2017

19.16.0 — you can set acl to null to disable adding. Will be released today.

@develar develar closed this in 203c8c4 Jul 12, 2017

@develar

This comment has been minimized.

Member

develar commented Jul 12, 2017

@romanrev Released. Please check.

@romanrev

This comment has been minimized.

romanrev commented Jul 12, 2017

thanks, much appreciated for your speedy resolution of the issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment