Hi,
I'm hoping to get some help with troubleshooting this. I setup a transfer family SFTP server and was able to connect and transfer files via Cyberduck without any issues. I setup a user for my coworker and he also is able to connect successfully. However, when creating this third user, we keep getting "Listing directory / failed. Access denied." The same role and policy is applied to this user. I checked the log and it seems to connect but then immediately gets "Access denied." I asked this user to send me their key pair and I can connect perfectly using their username but for whatever odd reason, they keep getting "Access denied" on their laptop.
Here's the policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": "arn:aws:s3:::people-ops-pyn"
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": ""
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObjectVersion",
"s3:DeleteObject",
"s3:GetObjectVersion"
],
"Resource": "arn:aws:s3:::people-ops-pyn/"
}
]
}
Here's the trust relationship policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": [
"transfer.amazonaws.com",
"s3.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
Edited by: calfun on Jun 23, 2021 3:08 PM