Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies



[![NPM version](]( [![NPM downloads](](

Version published

Package description

What is @aws-sdk/s3-presigned-post?

@aws-sdk/s3-presigned-post is a package that allows you to generate presigned POST URLs for Amazon S3. These URLs enable users to upload files directly to S3 without needing to expose AWS credentials or write server-side code to handle the uploads.

What are @aws-sdk/s3-presigned-post's main functionalities?

Generate Presigned POST URL

This feature allows you to generate a presigned POST URL for uploading files to an S3 bucket. The code sample demonstrates how to create a presigned POST URL with specific conditions, such as a content length range.

const { S3Client } = require('@aws-sdk/client-s3');
const { createPresignedPost } = require('@aws-sdk/s3-presigned-post');

const client = new S3Client({ region: 'us-west-2' });

const params = {
  Bucket: 'example-bucket',
  Key: 'example-object',
  Expires: 60, // URL expiration time in seconds
  Conditions: [
    ['content-length-range', 0, 1048576], // 1 MB limit

async function generatePresignedPost() {
  try {
    const data = await createPresignedPost(client, params);
    console.log('Presigned POST URL:', data.url);
    console.log('Fields:', data.fields);
  } catch (err) {
    console.error('Error generating presigned POST URL', err);


Other packages similar to @aws-sdk/s3-presigned-post



3.600.0 (2024-06-18)


  • client-bedrock-runtime: This release adds support for using Guardrails with the Converse and ConverseStream APIs. (2bdad15)
  • client-cloudtrail: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (96b429f)
  • client-config-service: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (472d873)
  • client-eks: This release adds support to surface async fargate customer errors from async path to customer through describe-fargate-profile API response. (34e2d61)
  • client-lightsail: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (9a35ffe)
  • client-polly: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (141cb0b)
  • client-rekognition: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (fd9be05)
  • client-sagemaker: Launched a new feature in SageMaker to provide managed MLflow Tracking Servers for customers to track ML experiments. This release also adds a new capability of attaching additional storage to SageMaker HyperPod cluster instances. (92df932)
  • client-shield: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (db1da4c)
  • client-snowball: Add v2 smoke tests and smithy smokeTests trait for SDK testing. (aaf2ab7)
  • clients: update command documentation examples as of 2024-06-18 (861d056)




NPM version NPM downloads

This package provide a function generating URL and fields. Users without AWS credentials can use the URL and fields to to make a POST request to S3. The documentation for the server side feature can be found in S3 API Reference. Please read related sections for more context.


JavaScript Example:

const { createPresignedPost } = require("@aws-sdk/s3-presigned-post");
const { S3Client } = require("@aws-sdk/client-s3");

ES6 Example

import { createPresignedPost } from "@aws-sdk/s3-presigned-post";
import { S3Client } from "@aws-sdk/client-s3";

Create a POST Policy

You can optionally attach a policy to a presigned post. It specifies a list of conditions that the request must meet. For example:

const Conditions = [{ acl: "bucket-owner-full-control" }, { bucket: "johnsmith" }, ["starts-with", "$key", "user/eric/"]];

Visit S3 POST documentation for supported policy elements. If you include a condition, you must specify the valid value in the Fields parameter as well. A value will not be added automatically to the fields dictionary according to the conditions.

Generate a Presigned Post

Users can generate required url and fields for POST request:

const client = new S3Client({ region: "us-west-2" });
const Bucket = "johnsmith";
const Key = "user/eric/1";
const Fields = {
  acl: "bucket-owner-full-control",
const { url, fields } = await createPresignedPost(client, {
  Expires: 600, //Seconds before the presigned post expires. 3600 by default.

The Bucket, Key and other values in Fields must meet the conditions specified in Conditions. The Key can also contain ${filename} that will be automatically replaced by the name of the file provided. See the S3 reference for more information.

Post File using HTML Form

You can also post a file with HTML form:

    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <!-- Copy the 'url' value returned by createPresignedPost() -->
    <form action="URL_VALUE" method="post" enctype="multipart/form-data">
      <!-- Copy the 'fields' key:values returned by S3Client.generate_presigned_post() -->
      <input type="hidden" name="key" value="VALUE" />
      <input type="hidden" name="AWSAccessKeyId" value="VALUE" />
      <input type="hidden" name="policy" value="VALUE" />
      <input type="hidden" name="signature" value="VALUE" />
      <input type="file" name="file" /> <br />
      <input type="submit" name="submit" value="Upload to Amazon S3" />

Post File using FormData in Node.js

In Node.js, use form-data package to post a file:

const { createReadStream } = require("fs");
const FormData = require("form-data");

const form = new FormData();
Object.entries(fields).forEach(([field, value]) => {
  form.append(field, value);
form.append("file", createReadStream("path/to/a/file"));
form.submit(url, (err, res) => {
  //handle the response


Last updated on 18 Jun 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc