S3 Access Denied While using Sync command.

0

I use Terraform to maintain our AWS architecture. We have Roles in both staging and prod accounts to deploy our terraform code. Terraform code is running on ec2 instance in staging and peering connection is made to run on prod account. While running aws s3 sync command...it works well in staging but Access Denied in prod. My staging role has sts assumeRole policy for prod ( I have created buckets and added policies in both accounts ). This issue arises while running s3 sync command to sync files from particular folder into s3 bucket. It works fine in Staging ( sync command ) but in prod it raises an error of Access Denied. Am I missing something that is causing the issue. My both Roles to Deploy Terraform code has access to all resources with all actions.

1 Answer
1

Can you please check if the bucket policy is also updated, something like below.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::AccountB:user/AccountBUserName"
            },
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::AccountABucketName/*"
            ]
        }
    ]
}
AWS
Rishi
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions