Browse through the questions and answers listed below or filter and sort to narrow down your results.
2
answers
0
votes
24
views
asked 3 days ago
0
answers
0
votes
4
views
asked 12 days ago
0
answers
0
votes
3
views
asked 13 days ago
0
answers
0
votes
5
views
asked a month ago
2
answers
0
votes
19
views
asked a month ago
Adding S3 Bucket Policy Cause S3 Replication Failed
Hello,
Can anyone help me below case?
I wanted my bucket to access from specific IPs only, otherwise deny. I set up S3 bucket policy as follow:
```
{
"Version": "2012-10-17",
"Id": "S3PolicyId1",
"Statement": [
{
"Sid": "IPAllow",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::DOC-EXAMPLE-BUCKET",
"arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
],
"Condition": {
"NotIpAddress": {
"aws:SourceIp": "x.x.x.x"
},
"Bool":{
"aws:ViaAWSService":"false"
}
}
}
]
}
```
For S3 replication, I configured S3 Replication Rule as per AWS Docs by setting policies and attaching to IAM role as follow:
```
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Principal":{
"Service":"s3.amazonaws.com"
},
"Action":"sts:AssumeRole"
}
]
}
```
```
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"s3:GetReplicationConfiguration",
"s3:ListBucket"
],
"Resource":[
"arn:aws:s3:::SourceBucket"
]
},
{
"Effect":"Allow",
"Action":[
"s3:GetObjectVersionForReplication",
"s3:GetObjectVersionAcl",
"s3:GetObjectVersionTagging"
],
"Resource":[
"arn:aws:s3:::SourceBucket/*"
]
},
{
"Effect":"Allow",
"Action":[
"s3:ReplicateObject",
"s3:ReplicateDelete",
"s3:ReplicateTags"
],
"Resource":"arn:aws:s3:::DestinationBucket/*"
}
]
}
```
Without bucket policy, objects are replicated smoothly. Once I add the bucket policy, replication is failed every time. I have no idea.
Regards,
Ohnmar
Accepted AnswerAmazon Simple Storage Service
1
answers
0
votes
5
views
asked 2 months ago