Since April 5th, 2023, AWS announced that by default all new buckets will apply two new security best practices.
What changed
The two changes are:
- S3 Block Public Access is now enabled by default. This means all public traffic is disabled by default.
- S3 access control lists (ACLs) is disabled by default. This means the ACL is now on a per-bucket basis instead of a per-object.
Solution
- In you Laravel Project find
config/filesystems.php - On every S3 disk add an options key with ACL set to an empty string.
's3' => [
'driver' => 's3',
'key' => env('AWS_ACCESS_KEY_ID'),
'secret' => env('AWS_SECRET_ACCESS_KEY'),
'region' => env('AWS_DEFAULT_REGION'),
'bucket' => 'yourdisk-1',
'url' => env('AWS_URL'),
'endpoint' => env('AWS_ENDPOINT'),
'use_path_style_endpoint' => env('AWS_USE_PATH_STYLE_ENDPOINT', false),
'throw' => false,
'root' => env('APP_ENV'),
'options' => [
'ACL' => ''
]
],The final result should be similar to this. Make sure you use this on all s3 disks if you have more than one.
THIS is the solution, all other articles around the web suggest to enable acl that is not the recommended practice anymore. Thank you
Man, you’ve saved a lot if time. Thank you!