STS client side signing with accelerated endpoint

[mifi]

Initial checklist

• I understand this is a feature request and questions should be posted in the Community Forum
• I searched issues and couldn’t find anything (or linked relevant results below)

Problem

#4809 (comment)

Solution

allow client side signing also using accelerated endpoint also with STS

Alternatives

just say that we don't support that

[movy]

Thanks for this issue. I was mulling over the meaning behind getTemporarySecurityCredentials as it's not instantly obvious from the docs for those who are new to S3/STS business, now thanks to this and prev issue, its meaning is clear now.

As a temporary fix, I've set getTemporarySecurityCredentials: false in our uppy setup and everything works as expected now.

Another issue that was fixed along the way was uploads stalling in Chrome on MacOS after first chunk was sent, note the second (pending) request, it hangs forever:

(hangs only with getTemporarySecurityCredentials: true).

No issues in Safari or Firefox. I see no connection here, maybe we can investigate further later.

I also had to add POST to allowed methods in S3 CORS configuration, as it was not listed on docs page (https://uppy.io/docs/aws-s3-multipart/#setting-up-your-s3-bucket), but without this my browser could not start uploads due to a CORS error.

Either way, thanks for your help with this!

[Murderlon]

@aduh95 seems like we are sending a duplicate request in s3-multipart which never resolves.

[stephenhuh]

any updates on this one? while presigning can work, it just introduces too much network overhead (and cost)