CollectionFS S3 ERROR STREAM images Access Denied

Question

I'm trying to set up CollectionFS and S3 so that I can upload files to S3 from AutoForm.

I have an Images FS.Collection defined with a .allow function living on the server, like so:

// Client and server.
var imageStore = new FS.Store.S3('images', {                                                                            
  region: 'us-east-1',                                                                                                  
  accessKeyId: 'mykey',                                                                                                                                            
  secretAccessKey: 'my/key',                                                          
  bucket: 'buketz',                                                                                               
  folder: 'images',                                                                                                     
});                                                                                                                     

Images = new FS.Collection('images', {                                                                                  
  stores: [imageStore],                                                                                                 
  filter: {                                                                                                             
    allow: {                                                                                                            
      contentTypes: ['image/*'],                                                                                        
      extensions: ['png', 'PNG', 'jpg', 'JPG', 'jpeg', 'JPEG']                                                          
    }                                                                                                                   
  }                                                                                                                     
});

// Server only.
Images.allow({                                                                                                                                                                    
  insert: function (userId, image) {                                                                                    
    return true;                                                                                                        
  },                                                                                                                    
  update: function (userId, image) {                                                                                    
    return true;                                                                                                        
  },                                                                                                                    
  remove: function (userId, image) {                                                                                    
    return true;                                                                                                        
  },                                                                                                                    
  download: function (userId, image) {                                                                                  
    return true;                                                                                                        
  }                                                                                                                     
}); 

Now, when I load the application, Meteor throws me this error:

/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/request.js:32
          throw err;
                ^
Error: Error storing file to the images store: Access Denied
    at [object Object].<anonymous> (packages/cfs:collection/common.js:88:1)
    at [object Object].emit (events.js:106:17)
    at Writable.<anonymous> (packages/cfs:storage-adapter/storageAdapter.server.js:212:1)
    at Writable.emit (events.js:117:20)
    at Response.<anonymous> (packages/cfs:s3/s3.upload.stream2.js:178:1)
    at Request.<anonymous> (/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/request.js:350:18)
    at Request.callListeners (/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/sequential_executor.js:100:18)
    at Request.emit (/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
    at Request.emit (/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/request.js:604:14)
    at Request.transition (/Users/pcoffey/.meteor/packages/cfs_s3/.0.1.3.1ba5bia++os+web.browser+web.cordova/npm/node_modules/aws-sdk/lib/request.js:21:12)
Exited with code: 8

Setting FS.debug to true returns this error:

FileWorker ADDED - calling saveCopy images for o5pjjrGD9AfHJwHZG
saving to store images
createWriteStream images, internal: false
createWriteStreamForFileKey images
Meteor._wrapAsync has been renamed to Meteor.wrapAsync
TempStore is mounted on storage.gridfs
FS.TempStore creating read stream for o5pjjrGD9AfHJwHZG
createReadStream _tempstore
createReadStreamForFileKey _tempstore
GRIDFS { _id: 5584b2140cac49f4312c1425, root: 'cfs_gridfs._tempstore' }
FS.HTTP.unmount:
{}
Registered HTTP method URLs:
/cfs/files/:collectionName/:id/:filename
/cfs/files/:collectionName/:id
/cfs/files/:collectionName
=> Meteor server restarted
-----------ERROR STREAM images Access Denied
-----------ERROR STREAM images Access Denied

If I change the collection name, it temporarily will load but as soon as I attempt to do a file upload, the error starts up again. Does anyone have ideas as to what may be causing this problem?

Answer 1

Sounds like a problem with the AWS permissions. Did you do the setup?

Answer 2

I got setup like this which works very nicely for me. I use following packages:

 cfs:standard-packages
 cfs:filesystem
 cfs:s3
 cfs:graphicsmagick

//Client side code

var companyLogoStore = new FS.Store.S3( "companyLogo" );
Images = new FS.Collection( "images", {
  stores: [ companyLogoStore ],
  filter: {
    maxSize: 5242880, // in bytes
    allow: {
        contentTypes: [ 'image/*' ],
        extensions: [ 'png', 'bmp', 'jpeg', 'gif', 'webp', 'jpg' ]
    }
  },
  onInvalid: function ( message ) {
    if ( Meteor.isClient ) {
        Alerts.add( message, 'danger' );
    } else {
        console.log( message );
    }
  }
} );

//Server side code

 var companyLogoStore = new FS.Store.S3("companyLogo", {
  region: "xxxxxx", 
  accessKeyId: "xxxxxxx",
  secretAccessKey: "xxxxxxxx",
  bucket: "xxxxxxx",
  ACL: "public-read", **//optional, default is 'private', but you can allow public or secure access routed through your app URL**
  fileKeyMaker: function (fileObj) {
    return 'uploads/company/' + fileObj.original.name;
  },
  transformWrite: function(fileObj, readStream, writeStream) {
    gm(readStream, fileObj.name()).resize('210', '210').stream().pipe(writeStream);
  },
  maxTries: 3 //optional, default 5
 });

Also I use ongoworks:security package for permissions

Images.files.permit(['insert','update','remove']).ifHasRole(['admin', 'manager']).apply();