Limiting the Size of Files Uploaded to S3

Introduction

Amazon S3 is commonly used to store files uploaded by users, but limiting the size of these uploads is crucial to prevent excessive storage costs and control bandwidth usage. You can implement file size restrictions both on the frontend and backend, ensuring only files of the allowed size are uploaded. This article provides methods for enforcing file size limits and includes a code example for backend validation in AWS Lambda.

Tip: S3 Bucket Name Generator - Use this tool to generate unique and compliant S3 bucket names.

Frontend Approach: Limiting File Size

Limiting the file size on the frontend is the first step in preventing large file uploads. By implementing a size check before uploading, you provide a quick response to users and reduce unnecessary backend processing.

Example Code for Frontend Validation (JavaScript)

const MAX_FILE_SIZE = 5 * 1024 * 1024; // 5 MB

function handleFileUpload(event) {
    const file = event.target.files[0];
    if (file.size > MAX_FILE_SIZE) {
        alert("File size exceeds the limit of 5 MB. Please upload a smaller file.");
    } else {
        // Proceed with the upload
        uploadToS3(file);
    }
}

In this example:

• A maximum file size (MAX_FILE_SIZE) is set.
• If the file exceeds the limit, the user is alerted, and the upload is prevented.

Benefits of Frontend Validation

• Immediate Feedback: Users are notified right away if their file exceeds the limit.
• Reduced Bandwidth: Files that exceed the size limit aren’t sent to the backend, saving network bandwidth.
• Enhanced User Experience: By preventing large file uploads on the frontend, users avoid waiting for uploads that will ultimately be rejected.

Backend Approach: Validating File Size in Lambda

While frontend validation is helpful, adding size restrictions on the backend is essential for security. For example, users may bypass frontend validation or upload directly to S3. To enforce size restrictions at the backend, you can use AWS Lambda to check the file size before final processing.

Example Code for Backend Validation in AWS Lambda (Node.js)

To restrict file size on the backend, configure a Lambda function that validates file metadata before proceeding.

const AWS = require('aws-sdk');
const s3 = new AWS.S3();

const MAX_FILE_SIZE = 5 * 1024 * 1024; // 5 MB

exports.handler = async (event) => {
    const { bucketName, objectKey } = event;
    
    try {
        // Get metadata of the uploaded object
        const metadata = await s3.headObject({
            Bucket: bucketName,
            Key: objectKey
        }).promise();

        // Check if the file size exceeds the limit
        if (metadata.ContentLength > MAX_FILE_SIZE) {
            // Delete the object if it exceeds the allowed size
            await s3.deleteObject({
                Bucket: bucketName,
                Key: objectKey
            }).promise();
            return {
                statusCode: 400,
                body: JSON.stringify({ message: "File size exceeds the allowed limit of 5 MB" })
            };
        }

        // Process the file further if the size is within the limit
        return {
            statusCode: 200,
            body: JSON.stringify({ message: "File is within the allowed size limit" })
        };
    } catch (error) {
        console.error("Error processing file:", error);
        return {
            statusCode: 500,
            body: JSON.stringify({ message: "Error processing file" })
        };
    }
};

Setting Up the Lambda Trigger for S3

To automatically validate file size upon upload, set up an S3 Event Notification to trigger the Lambda function whenever a file is uploaded to the bucket.

Steps to Set Up the Lambda Trigger

1. Create or Open Your S3 Bucket:

   • In the S3 Console, select the bucket you want to enforce the file size limit on.

2. Configure Event Notifications:

   • In the bucket’s Properties tab, scroll down to Event notifications and select Create event notification.
   • Give your event a name, like FileUploadSizeValidation.

3. Set Event Type:

   • Select All object create events or specify a specific prefix or suffix if you only want to validate certain file types or folders.

4. Select Lambda Function as the Destination:

   • Under Destination, select Lambda Function and choose the Lambda function you configured to check file sizes.
   • Ensure the Lambda function has permission to be triggered by S3.

5. Save the Event Notification:

   • Click Save to complete the setup.

Benefits of Backend Validation

1. Security: Backend validation ensures that any attempt to bypass frontend controls is caught, preventing large file uploads.
2. Compliance: Enforcing file size limits on the backend helps maintain consistency and compliance with storage policies.
3. Cost Control: Removing oversized files immediately prevents unnecessary storage costs.

Summary

Implementing file size restrictions on both the frontend and backend helps enforce your application’s upload limits effectively. Frontend validation offers immediate feedback and a better user experience, while backend validation ensures security and compliance. By using AWS Lambda with S3 Event Notifications, you can automatically enforce file size limits for all S3 uploads, preventing unwanted storage costs and maintaining control over file sizes.