I am building a full-stack Node.js, Express.js and React application with file upload functionality.<p>What will be the best approach to upload the file?<p>1. Upload the file from frontend to S3?
2. First upload the file to backend and then upload the file from backend to S3?<p>What will be the best option? In my opinion the first approach is better as it doesn't require extra load on backend if the file is larger, but I am not sure about the security issues of keeping the AWS credentials in the frontend code.<p>Any suggestions are welcome :)
This is the best way that I know of:<p>https://docs.aws.amazon.com/AmazonS3/latest/userguide/PresignedUrlUploadObject.html
I don't have a specific best-practice answer but you could invoke a back-end method which fetches the AWS credentials from Secrets Manager (using a baked-in access key), thereby hiding them from the front-end?<p>Worth taking a look at the AWS WAF (Well-Architected Framework) as this will give you some AWS-approved architecture ideas.
You need to have server side code for sure. The frontend should just send the file to the backend URL to process. The backend should take care of the logic to upload to S3 (and validations etc as needed). Do not store AWS credentials anywhere on the front end.