- 新しい順
- 投票が多い順
- コメントが多い順
To run aws s3 cp, you need to allow s3:GetObject and s3:PutObject for your IAM User. To run the command aws s3 cp with the --recursive option( if you are copying multiple objects at once), you need permission to s3:GetObject, s3:PutObject, and s3:ListBucket. To run the command aws s3 sync, then you need permission to s3:GetObject, s3:PutObject, and s3:ListBucket. You may need additional permissions for performing copy on versioned objects or to copy those objects with tags. To copy a specific version of an object, you need the permission for s3:GetObjectVersion in addition to s3:GetObject. For copying objects that have object tags, your IAM identity must have s3:GetObjectTagging ( on the source object)and s3:PutObjectTagging permissions ( on the destination bucket)
Hi
You need additional permissions for sync
https://aws.amazon.com/premiumsupport/knowledge-center/s3-access-denied-listobjects-sync/
When you run the aws s3 sync command, Amazon S3 issues the following API calls: ListObjectsV2, CopyObject, GetObject, and PutObject. Also, sync can delete objects as well, so you might need DeleteObject if you use the --delete option
