- Newest
- Most votes
- Most comments
Tricky... please try the following: Make sure the IAM role used by the Lambda function has the necessary permissions to access the source and destination buckets. This includes s3:GetObject and s3:PutObject permissions.
When copying objects, the ownership does not automatically transfer to the destination bucket account. You need to explicitly grant the destination bucket owner permissions to the copied objects.
Try copying an object while setting the ACL to grant the destination bucket full control. For example:
aws s3 cp s3://source-bucket/object s3://destination-bucket/object --acl bucket-owner-full-control
Verify the bucket policy on the destination bucket allows the Lambda execution role to put objects.
Check for any explicit Deny policies that may be blocking access.
This creates more questions...but first some answers for you. Thanks in advance....
Just checked - The IAM DOES HAVE permissions for s3:GetObject & s3:PutObject.
Your example: aws s3 cp s3://source-bucket/object s3://destination-bucket/object --acl bucket-owner-full-control Are you suggesting this is placed in the Lambda Python function I wrote? Is this statement in Python?
You also say: Verify the bucket policy on the destination bucket allows the Lambda execution role to put objects.
You also say: Check for any explicit Deny policies that may be blocking access. Where and how to do this?
Relevant content
- Accepted Answerasked 6 years ago
- Accepted Answerasked 2 months ago
- AWS OFFICIALUpdated 5 months ago
Can you update your answer to include the actual error you are getting...