- Newest
- Most votes
- Most comments
It isn't necessary to have permissions to s3:ListBucket in order to validate the existence of a bucket, as the 404 Not Found is returned for a non-existent bucket even if your IAM user is specifically denied access to s3:ListBucket, where-as a bucket that did exist would return 403 Forbidden.
The Alpakka AWS S3 documentation you link to appears to be aware of this, but I can't speak to how that software works internally. If the need is to validate the existence of the bucket and this is failing, I would reach out to Alpakka
However, in your question, you mention both the existence of the bucket and validating access to the bucket.
For validating access, if HeadBucket is being used to validate access, I cannot see a workaround. It wouldn't be appropriate to do so; as your example illustrates you can have partial access to the bucket without having access to HeadBucket. But as well, I can't see any method by which you'd allow HeadBucket, while also not allowing ListObjects or ListObjectsV2 on the root prefix, as all condition keys would be the same for the two calls.
Relevant content
- asked 9 months ago
- asked a year ago
- Why is no data migrated from my Amazon S3 source endpoint even though my AWS DMS task is successful?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated 10 months ago