OpenAPI Spec in S3 Bucket with IP restriction

I’m trying to set up a REST API Resource in Retool Cloud using an OpenAPI spec, which is hosted in an AWS S3 bucket. I don’t want this spec to be publicly available; that’s why I want to restrict access to just a few IP addresses using a bucket policy.
For now, I’ve set up the bucket permissions as wide as possible using the access policy JSON below, and it works as I can access the file from both my home and my office:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAll",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::mybucket",
                "arn:aws:s3:::mybucket/*"
            ],
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": "0.0.0.0/0"
                }
            }
        }
    ]
}

When I try to load the spec when setting up the Resource in Retool, I get this error:

This URL requires authentication. If the spec is behind auth, try downloading it from your API provider's dev portal and hosting it somewhere accessible.

Any idea what could cause the error? Happy to share the spec URL in a DM.

P.S. A feature request as well: I’d love to be able to paste the OpenAPI Spec JSON contents into Retool, so I don’t need to jump through hoops just to keep my spec from remaining private.

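Added example, not part of the original post: a small Python check that flags what makes the posted policy wider than "read from a few IPs" and builds a read-only policy scoped to explicit source CIDRs. The function names and the `EXAMPLE_CIDRS` values (documentation ranges) are assumptions for illustration; substitute the real office, home and client egress addresses.

```python
import ipaddress

# Policy as posted above (the wide-open starting point).
POSTED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "AllowAll", "Effect": "Allow", "Principal": "*", "Action": "s3:*",
        "Resource": ["arn:aws:s3:::mybucket", "arn:aws:s3:::mybucket/*"],
        "Condition": {"IpAddress": {"aws:SourceIp": "0.0.0.0/0"}},
    }],
}
# Constructed placeholder ranges (RFC 5737 documentation addresses).
EXAMPLE_CIDRS = ["203.0.113.0/24", "198.51.100.7/32"]

def _as_list(value):
    # Policy fields may hold a single string or a list of strings.
    return value if isinstance(value, list) else [value]

def audit(policy):
    """Return findings for Allow statements wider than 'read from a few IPs'."""
    findings = []
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no Sid>")
        cidrs = _as_list(st.get("Condition", {}).get("IpAddress", {}).get("aws:SourceIp", []))
        if st.get("Principal") in ("*", {"AWS": "*"}):
            if not cidrs:
                findings.append(f"{sid}: anonymous access with no aws:SourceIp condition")
            for cidr in cidrs:
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    findings.append(f"{sid}: aws:SourceIp {cidr} matches every address")
        for action in _as_list(st.get("Action", [])):
            if action in ("*", "s3:*"):
                findings.append(f"{sid}: Action {action} also permits writes and deletes")
    return findings

def restricted_policy(bucket, cidrs):
    """Build a read-only policy limited to the given source CIDRs."""
    nets = [ipaddress.ip_network(c) for c in cidrs]  # raises ValueError if malformed
    if not nets or any(n.prefixlen == 0 for n in nets):
        raise ValueError("need at least one CIDR, and none may be a /0")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AllowReadFromKnownIps", "Effect": "Allow", "Principal": "*",
            "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{bucket}/*",
            "Condition": {"IpAddress": {"aws:SourceIp": [str(n) for n in nets]}},
        }],
    }
```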