- Newest
- Most votes
- Most comments
Hi to anyone facing a similar issue :)
Even though the bucket policy kept changing when I saved it in the bucket using the console, as I've stated above, that actually wasn't the problem. The documentation example policy I copied end edited has an error, particularly in the following line:
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::my-bucket/AWSLogs/account-ID/*",
Remove the AWSLogs part and everything will work. Please make the docs clearer.
The issue you are experiencing is likely due to the formatting of the policy file. The AWS policy language requires that some fields be formatted as a JSON array (e.g. "aws:SourceAccount": ["0123456789"]) instead of a string (e.g. "aws:SourceAccount": "0123456789").
To ensure that the policy is formatted correctly, you can use a JSON linter or validator to check the syntax of the policy file before saving it. Additionally, you can try using the AWS Management Console to edit the bucket policy, as it may automatically format the policy correctly.
It's unlikely that this is a bug in the AWS API, as the behavior you're describing is consistent with the policy language requirements.
Relevant content
- asked 4 months ago
- Accepted Answerasked a year ago
- Accepted Answerasked 9 months ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 8 months ago
Hi, thank you for the quick response. As I've said above I've used the AWS Management Console to edit the bucket policy and even though I correctly input a JSON array for the aforementioned field, when I click "Save" it appears as a string. I've used a validator before it and everything checks out. Now usually things in AWS work well but sometimes they don't. It's rare but it happens, so that's why I'm asking this.