1 Answer
- Newest
- Most votes
- Most comments
2
The bucket may allow the $Username to list buckets, but what is the IAM permissions for the actual $username itself? Both the IAM permissions for the entity AND the resource policy for the bucket must both allow the action, otherwise you may have the IAM policy associated with the $username causing the deny.
Relevant content
- asked 2 years ago
- asked 6 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 4 months ago
The $username has the following IAM policy/permission defined:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::$BucketName" } ] }