What you've done is fine for accessing the bucket. But to have the S3 Console working properly they need "s3:GetBucketLocation", "s3:ListAllMyBuckets" allowed.
Check for a bucket policy that is blocking access. Or an SCP. You can investigate using the Policy Simulator. Make sure to fill out the Resource in the simulator.
Hello!
Granting the s3:* permission to a user allows them to perform any action on the S3 bucket and its objects, but it does not necessarily grant them the permission to list the bucket. To list the buckets, the user needs the s3:ListAllMyBuckets permission.
To grant the s3:ListAllMyBuckets permission to the user, you can add a statement to their policy like this:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "s3:ListAllMyBuckets"
      ],
      "Resource": "*"
    },
    {
      "Sid": "VisualEditor1",
      "Effect": "Allow",
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::my-bucket",
        "arn:aws:s3:::my-bucket/*"
      ]
    }
  ]
}
```
Note that granting the s3:ListAllMyBuckets permission allows the user to list all the S3 buckets in your AWS account, so make sure to review and restrict the user's access as needed.
Let me know if that answered your question
This was the answer. Important to note that the ListAllMyBuckets perm needs to have no resource restrictions.

Glad it worked! If you get around to it, please hit Accept on this answer to help future people searching for the solution.
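An offline check for the gap this thread describes, added here as an example and not part of any post or of AWS tooling: it reports which of the two console-related actions named above an identity policy fails to allow. It assumes plain Allow/Deny statements only (no Condition, NotAction, bucket policy or SCP evaluation); the function names and the bucket-only and scoped sample policies are constructed for illustration.

```python
import re

def _as_list(value):
    # IAM accepts either a single value or a list for Statement, Action and Resource.
    return value if isinstance(value, list) else [value]

def _glob(pattern, value, ignore_case=False):
    # IAM wildcards: '*' matches any run of characters, '?' matches one character.
    rx = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def is_allowed(policy, action, resource):
    """Explicit Deny wins, then any matching Allow; otherwise implicit deny."""
    allowed = False
    for stmt in _as_list(policy.get("Statement", [])):
        hit = (any(_glob(a, action, True) for a in _as_list(stmt.get("Action", [])))
               and any(_glob(r, resource) for r in _as_list(stmt.get("Resource", []))))
        if hit and stmt.get("Effect") == "Deny":
            return False
        allowed = allowed or (hit and stmt.get("Effect") == "Allow")
    return allowed

def console_gaps(policy, bucket):
    """Return the console-related actions the policy does not allow."""
    # ListAllMyBuckets is not tied to a bucket, so the request resource is "*";
    # a bucket ARN pattern in the policy never matches it.
    needed = {"s3:ListAllMyBuckets": "*",
              "s3:GetBucketLocation": f"arn:aws:s3:::{bucket}"}
    return [a for a, res in needed.items() if not is_allowed(policy, a, res)]

# Constructed sample policies (bucket name taken from the answer's placeholder).
BUCKET_ARNS = ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"]
BUCKET_ONLY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*", "Resource": BUCKET_ARNS}]}
# ListAllMyBuckets granted, but restricted to the bucket ARN: still a gap.
SCOPED_LIST = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListAllMyBuckets", "s3:*"],
     "Resource": BUCKET_ARNS}]}
# Shape of the policy in the answer above: ListAllMyBuckets on Resource "*".
FIXED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:ListAllMyBuckets"], "Resource": "*"},
    {"Effect": "Allow", "Action": ["s3:*"], "Resource": BUCKET_ARNS}]}

if __name__ == "__main__":
    for name, pol in [("bucket-only", BUCKET_ONLY), ("scoped-list", SCOPED_LIST),
                      ("fixed", FIXED)]:
        print(name, "missing:", console_gaps(pol, "my-bucket"))
```

For the real decision, including bucket policies and SCPs, the Policy Simulator mentioned in the first answer remains the authoritative check.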