Signing at the client-side (the browser) means that aws credentials are used from the browser... which is not secure. I think backend signing or Cognito are more suitable to perform the signing correctly.