I'm trying to create S3 event notification to SNS topic from an existing S3 bucket. I'm receiving "Unable to validate the following destination configurations".
Initially I thought the issue was with the SNS topic Access Policy and tried different troubleshooting suggestions, such as this video https://www.youtube.com/watch?v=RjSW75YsBMM, but nothing worked.
I'm using the following policy:
{
"Version": "2012-10-17",
"Id": "example-ID",
"Statement": [
{
"Sid": "Example SNS topic policy",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": [
"SNS:Publish"
],
"Resource": "SNS-topic-ARN",
"Condition": {
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:bucket-name"
},
"StringEquals": {
"aws:SourceAccount": "bucket-owner-account-id"
}
}
}
]
}
Then I decided to focus on the S3 bucket part of the equation and created brand new bucket with exactly the same configuration, switched the SourceArn in the policy with the new bucket's arn and the event notification was successfully created.
What could be the reason for a given SNS topic with a given policy to work with one S3 bucket, but not with another?
AWS 공식업데이트됨 일 년 전
