By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Enabling S3 Transfer acceleration

0

Hi, I'm new to AWS and am trying to setup an s3 bucket with Transfer acceleration. I've created a new bucket with my account's root user through the console, I've created a policy that should allow me to turn the feature on but I get an access denied error. I also made sure (in permissions tab) that in the ACL I'm with the right user, and I do see: "Bucket owner (your AWS account)" which to me seems to be the right thing.

here's my policy: { "Version": "2012-10-17", "Statement": [ { "Sid": "Statement1", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::<ACCOUNT_ID>:root" }, "Action": [ "s3:PutAccelerateConfiguration", "s3:PutBucketPolicy", "s3:GetBucketPolicy", "s3:GetBucketPolicyStatus", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListMultipartUploadParts", "s3:GetAccelerateConfiguration", "s3:GetBucketAcl" ], "Resource": [ "arn:aws:s3:::subline-be", "arn:aws:s3:::subline-be/*" ] } ] }"

Topics
Security, Identity, & ComplianceStorageManagement & Governance
Tags
AWS Identity and Access ManagementS3 Transfer AccelerationAmazon Verified Permissions
Language
English
yovel
asked 5 months ago240 views
1 Answer
0

Hello

If you logged into the web console using AWS root account and created an S3 bucket using this root account, you default to having root privileges for the entire AWS Account, so you do NOT need to make any AWS IAM policies. You can try to lift the policy restrictions on your root account and try enable S3 transfer acceleration again. Actually, I haven‘t meet the problem you described when using the root account when i use root account.

By the way,using the root account directly is NOT secure. I strongly recommend that you don't use the root user for your everyday tasks. Safeguard your root user credentials and use them to perform the tasks that only the root user can perform,for details please see: What is IAM?, I recommend you follow the Prerequisite: Setting up Amazon S3 steps to create a iam user.

when you use iam user(for example iam username is my-iam-username),and this user has AdministratorAccess permission policy

Enter image description here

you can try to create a new s3 bucket and then configuring fast, secure file transfers using Amazon S3 Transfer Acceleration.this can help you locate the cause of the problem

profile pictureAWS
ThinkTik
answered 5 months ago
  • yovel
    5 months ago

    thanks, I already tried your suggestion with an IAM user and ended up with the same issue. I even went into the IAM Policy Simulator and according to that tool, my user should be able to edit the bucket's properties.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content