[ERROR] ClientError: An error occurred (AccessDenied) when calling the PutObjectTagging operation: Access Denied

Question

[ERROR] ClientError: An error occurred (AccessDenied) when calling the PutObjectTagging operation: Access Denied Traceback (most recent call last): File "/var/lang/lib/python3.8/site-packages/aws_lambda_powertools/metrics/metrics.py", line 184, in decorate response = lambda_handler(event, context) File "/var/lang/lib/python3.8/site-packages/aws_lambda_powertools/logging/logger.py", line 354, in decorate return lambda_handler(event, context, *args, **kwargs) File "/var/task/lambda.py", line 75, in lambda_handler set_status(input_bucket, input_key, INPROGRESS) File "/var/task/lambda.py", line 116, in set_status s3_client.put_object_tagging( File "/var/lang/lib/python3.8/site-packages/botocore/client.py", line 508, in _api_call return self._make_api_call(operation_name, kwargs) File "/var/lang/lib/python3.8/site-packages/botocore/client.py", line 915, in _make_api_call raise error_class(parsed_response, operation_name)

Can any one help me to resolve the issue.

I double checked my IAM roles adn could not resolve the issue.

Can any one help me to resolve the issue.

I double checked my IAM roles adn could not resolve the issue.

Accepted Answer

My guess is that the Lambda role doesn't have permissions to update object tags so I'd check that first. The documentation has the various IAM permissions that can be created for S3 - search for PutObjectTagging.

There might also be an issue with the bucket policy which is denying access.

Otherwise, if you can provide a code snippet that might help.

There might also be an issue with the bucket policy which is denying access.

Otherwise, if you can provide a code snippet that might help.

[ERROR] ClientError: An error occurred (AccessDenied) when calling the PutObjectTagging operation: Access Denied

Contenido relevante