search
HomeBackend DevelopmentGolangHow to Implement Pre-Signed POST File Uploads to AWS S3 Using Go?

How to Implement Pre-Signed POST File Uploads to AWS S3 Using Go?

Pre-Signed POST Upload to AWS S3 Using Go

For secure file upload to AWS S3 buckets, pre-signed POST offers a convenient approach. Here's how to accomplish this in Go:

1. Configure Bucket Access:

Modify your S3 bucket's policy to allow public download:

{
    "Version": "2012-10-17",
    "Id": "akjsdhakshfjlashdf",
    "Statement": [
        {
            "Sid": "kjahsdkajhsdkjasda",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::BUCKETNAMEHERE/*"
        }
    ]
}

2. Create Pre-Signed POST Policy:

Craft an HTTP POST policy that grants upload permission:

{ "expiration": "%s",
    "conditions": [
        {"bucket": "%s"},
        ["starts-with", "$key", "%s"],
        {"acl": "public-read"},

        {"x-amz-credential": "%s"},
        {"x-amz-algorithm": "AWS4-HMAC-SHA256"},
        {"x-amz-date": "%s" }
    ]
}

Configure the policy with these parameters:

  • expiration: Upload expiration time
  • bucket: Target S3 bucket name
  • key: Name of the file to be uploaded
  • credentials: Your AWS credentials
  • date: Current date

3. Sign Policy:

Use the S3 bucket owner's credentials to sign the policy:

  • Encode the policy using base64
  • Compute the HMAC-SHA256 signature
  • Encode the signature as a hexadecimal string

4. Construct POST Request:

Generate the multipart form data request:

import "github.com/aws/aws-sdk-go/aws/credentials"

type Field struct {
    Key, Value string
}

func Upload(url string, fields []Field) error {
    b := new(bytes.Buffer)
    w := multipart.NewWriter(b)
    for _, field := range fields {
        fw, err := w.CreateFormField(field.Key)
        if err != nil {
            return err
        }
        if _, err := fw.Write([]byte(field.Value)); err != nil {
            return err
        }
    }
    w.Close()

    req, err := http.NewRequest("POST", url, b)
    if err != nil {
        return err
    }
    req.Header.Set("Content-Type", w.FormDataContentType())

    creds := &credentials.StaticProvider{Value: credentials.Value{
        AccessKeyID:     "AKIAIOSFODNN7EXAMPLE",
        SecretAccessKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
    }}
    cfg := &aws.Config{Credentials: creds}

    client := new(&http.Client{Transport: &aws.HTTPSHandler{Client: *client, Config: *cfg}})
    res, err := client.Do(req)
    if err != nil {
        return err
    }
    if res.StatusCode != http.StatusOK {
        return fmt.Errorf("bad status: %s", res.Status)
    }
    return nil
}

Provide the signed policy fields and the endpoint URL. Your pre-signed POST upload to AWS S3 will then be executed.

The above is the detailed content of How to Implement Pre-Signed POST File Uploads to AWS S3 Using Go?. For more information, please follow other related articles on the PHP Chinese website!

Statement
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
How do you use the "strings" package to manipulate strings in Go?How do you use the "strings" package to manipulate strings in Go?Apr 30, 2025 pm 02:34 PM

The article discusses using Go's "strings" package for string manipulation, detailing common functions and best practices to enhance efficiency and handle Unicode effectively.

How do you use the "crypto" package to perform cryptographic operations in Go?How do you use the "crypto" package to perform cryptographic operations in Go?Apr 30, 2025 pm 02:33 PM

The article details using Go's "crypto" package for cryptographic operations, discussing key generation, management, and best practices for secure implementation.Character count: 159

How do you use the "time" package to handle dates and times in Go?How do you use the "time" package to handle dates and times in Go?Apr 30, 2025 pm 02:32 PM

The article details the use of Go's "time" package for handling dates, times, and time zones, including getting current time, creating specific times, parsing strings, and measuring elapsed time.

How do you use the "reflect" package to inspect the type and value of a variable in Go?How do you use the "reflect" package to inspect the type and value of a variable in Go?Apr 30, 2025 pm 02:29 PM

Article discusses using Go's "reflect" package for variable inspection and modification, highlighting methods and performance considerations.

How do you use the "sync/atomic" package to perform atomic operations in Go?How do you use the "sync/atomic" package to perform atomic operations in Go?Apr 30, 2025 pm 02:26 PM

The article discusses using Go's "sync/atomic" package for atomic operations in concurrent programming, detailing its benefits like preventing race conditions and improving performance.

What is the syntax for creating and using a type conversion in Go?What is the syntax for creating and using a type conversion in Go?Apr 30, 2025 pm 02:25 PM

The article discusses type conversions in Go, including syntax, safe conversion practices, common pitfalls, and learning resources. It emphasizes explicit type conversion and error handling.[159 characters]

What is the syntax for creating and using a type assertion in Go?What is the syntax for creating and using a type assertion in Go?Apr 30, 2025 pm 02:24 PM

The article discusses type assertions in Go, focusing on syntax, potential errors like panics and incorrect types, safe handling methods, and performance implications.

How do you use the "select" statement in Go?How do you use the "select" statement in Go?Apr 30, 2025 pm 02:23 PM

The article explains the use of the "select" statement in Go for handling multiple channel operations, its differences from the "switch" statement, and common use cases like handling multiple channels, implementing timeouts, non-b

See all articles

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Tools

MantisBT

MantisBT

Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

EditPlus Chinese cracked version

EditPlus Chinese cracked version

Small size, syntax highlighting, does not support code prompt function

SublimeText3 English version

SublimeText3 English version

Recommended: Win version, supports code prompts!

SublimeText3 Linux new version

SublimeText3 Linux new version

SublimeText3 Linux latest version

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor