1 Respuesta
- Más nuevo
- Más votos
- Más comentarios
0
Hi Saurav,
When accessing objects in Amazon S3 there are two possible policies that can affect the outcome
- IAM User/Role Access Policies. It seems your admin user has enough permissions from what you attach
- Amazon S3 Bucket Policies. The bucket can allow or block permissions. If the IAM User has permissions to access the bucket, but the bucket policy has an explicit deny, then the overall action is to DENY that access. In your case I would check the Amazon S3 Bucket policies in order to see if it has a policy blocking it's use.
Hope this helps!
respondido hace 8 meses
Contenido relevante
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
I have added the bucket policy like so and unable to list the buckets still. But do I need a bucket policy even to list all the buckets? { "Version": "2012-10-17", "Statement": [ { "Sid": "AddPerm", "Effect": "Allow", "Principal": "", "Action": [ "s3:GetObject", "s3:PutObject" ], "Resource": "arn:aws:s3:::********/" }, { "Sid": "statement2", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::22026****:user/admin" }, "Action": "s3:", "Resource": "arn:aws:s3:::abcdxxxxx/" }, { "Sid": "statement1", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::22026******:user/admin" }, "Action": "s3:*", "Resource": "arn:aws:s3:::abcdxxxxxxxx" } ] }
If there isn't an explicit DENY on the policy, then it shouldn't be a problem. What is the error you are actually getting? The easiest route may be to hire AWS Support Developer for a month (10 USD) and ask the question to our support team. The most likely source of problems would be the IAM Policy you are using, although it seems okay from what you have shared so far. There are more unlikely sources for the problem (IAM Boundaries, Organization SCPs or others) but I think it's something less obscure than that. Maybe you are not logging in to the correct IAM User or some other problem. Sharing the specific error would help troubleshoot