By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

I can't put s3 object with --acl public-read option

0

Hi all,

I'm using AWS Lightsail bucket service. My account has a following policy but I can't put s3 object with --acl public-read option. without --acl option it works.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "S3BucketAccess",
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bucketname/*",
                "arn:aws:s3:::bucketname",
            ]
        }
    ]
}
  • cli command : aws s3api put-object --bucket bucketname --key test.txt --acl public-read
  • error message : An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

Thanks, in advance.

  • Larry
Topics
StorageComputeSecurity, Identity, & Compliance
Tags
Amazon Simple Storage ServiceAmazon LightsailIAM Policies
Language
English
Larry Kim
asked 2 months ago105 views
2 Answers
0

Hello.

Since the ACL cannot be set on the Lightsail bucket using the command below, I suspect that the settings around ACL cannot be used on the Lightsail bucket.

aws s3api put-bucket-acl --bucket bucket-s7oabn --acl public-read
profile picture
EXPERT
Riku_Kobayashi
answered 2 months ago
0

Hi. Could you confirm you have set the right permissions for the Lightsail bucket?

https://docs.aws.amazon.com/lightsail/latest/userguide/amazon-lightsail-configuring-bucket-permissions.html

You may need the "Individual objects can be made public" bucket permission described here which can be set via console or CLI.

https://docs.aws.amazon.com/cli/latest/reference/lightsail/update-bucket.html

The access-rules argument here.

AWS
Varun_R
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content