Enabling S3 Transfer acceleration

Question

Hi, I'm new to AWS and am trying to setup an s3 bucket with Transfer acceleration.
I've created a new bucket with my account's root user through the console, I've created a policy that should allow me to turn the feature on but I get an access denied error.
I also made sure (in permissions tab) that in the ACL I'm with the right user, and I do see: "Bucket owner (your AWS account)" which to me seems to be the right thing.

here's my policy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Statement1",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam:::root"
            },
            "Action": [
                "s3:PutAccelerateConfiguration",
                "s3:PutBucketPolicy",
                "s3:GetBucketPolicy",
                "s3:GetBucketPolicyStatus",
                "s3:ListBucket",
                "s3:ListBucketMultipartUploads",
                "s3:ListBucketVersions",
                "s3:ListMultipartUploadParts",
                "s3:GetAccelerateConfiguration",
                "s3:GetBucketAcl"
            ],
            "Resource": [
                "arn:aws:s3:::subline-be",
                "arn:aws:s3:::subline-be/*"
            ]
        }
    ]
}"

Answer

Hello

If you logged into the web console using AWS root account and created an S3 bucket using this root account, you default to having root privileges for the entire AWS Account, so you do NOT need to make any AWS IAM policies.  You can try to lift the policy restrictions on your root account and try enable S3 transfer acceleration again.  Actually, I haven‘t meet the problem you described when using the root account when i use root account.

By the way,using the root account directly is NOT secure. I strongly recommend that you don't use the root user for your everyday tasks. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform,for details please see: [What is IAM?](https://docs.aws.amazon.com/IAM/latest/UserGuide/introduction.html), I recommend you follow the [Prerequisite: Setting up Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/setting-up-s3.html) steps to create a iam user.

when you use iam user(for example iam username is `my-iam-username`),and this user has `AdministratorAccess` permission policy

![Enter image description here](/media/postImages/original/IMZPwsxmlRTn-XWHtTT5pyAA)

you can try to create a new s3 bucket and then [configuring fast, secure file transfers using Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration.html).this can help you locate the cause of the problem

Enabling S3 Transfer acceleration

관련 콘텐츠