Access Forbidden when accessing manifest.json from S3 Batch operation

0

I am trying to apply an ACL to a set of objects. For that I am trying to use the new S3 Batch operations service.

I have a manifest.json file generated by the S3 Inventory service. I have created a job that takes a role with Full S3 permissions. The bucket policy provides full S3 access for that role to the contents of the bucket and the bucket.

However, I am getting this error: Reading the manifest is forbidden: AccessDenied.

I have checked the bucket policy and the ACL for both the bucket and the object and my account is the owner of the bucket and has full access to the object. The object seems to be owned by a service account.

profile pictureAWS
EXPERT
Tasio
asked 5 years ago1514 views
1 Answer
0
Accepted Answer

"Reading the manifest is forbidden: AccessDenied." ->Usually this happens if the s3 batch operations service was not able to assume the IAM role you assigned to the job to read the manifest and perform the operations it was configured to do. Check the trust policy of the IAM role and see whether it allows the s3 batch operations service to assume that role or not.

profile pictureAWS
EXPERT
Tasio
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions