S3 cross region list buckets not working with the Java SDK

Question

Hi all. I'm trying to do a list buckets operation from an EC2 instance with an IAM role attached which has the necessary permissions. The instance is in region `us-east-1`. When I try to do the list operation from the AWS CLI using the region override, I'm able to list the buckets.
```
aws s3 ls --region us-east-2
```

But when I try to do the same using the Java SDK, I get a `ConnectionTimedOut` exception.
The client is built as follows which is used to do the list operation.

```
AmazonS3ClientBuilder s3ClientBuilder = AmazonS3ClientBuilder.standard();
return s3ClientBuilder
                .withRegion("us-east-2")
                .withForceGlobalBucketAccessEnabled(true)
                .build();
```

Code to print the list of buckets

```
List buckets = s3Client.listBuckets();
buckets.forEach(System.out::println);
```

Can anyone please help in what should I check for?

Answer

Hi, such a ConnectionTimeout usually comes from the fact that the EC2 instance cannot access the S3 service endpoint. The issue then lies usually in the security group of the VPC where the EC2 instance resides: it must allow access to Internet for https (tcp port 443).

If your EC2 needs to be in a fully private VPC, you'll have to define a service endpoint for S3 in the VPC.: see https://docs.aws.amazon.com/AmazonS3/latest/userguide/privatelink-interface-endpoints.html

Note: I'd suggest to get this code working on your laptop first before moving it to EC2. It reduces the number of potential config hiccups. When ok on your laptop, you can move it to EC2 and focus on the config of your resources.

Best,

Didier

S3 cross region list buckets not working with the Java SDK

関連するコンテンツ