2 回答
- 最新
- 投票最多
- 评论最多
3
There could be a mismatch somewhere, run aws configure list to show the actual credentials that you are using in the AWS CLI right now, and verify that the (partially obscured) access_key and secret_key are those that you expect to be using.
1
Run the following command to make sure you are the principle you think you are.
aws sts get-caller-identity
If that is correct, check to see if there is a bucket policy on the bucket that might be denying your request.
相关内容
AWS 官方已更新 2 年前
Thank you for your answer on this. I ran:
aws configure listand theaccess_keyandsecret_keyare what I'm expecting the CLI to use. When I run:aws s3 ls(using the root accounts' access key), the buckets are returned without an issue. Don't understand why I'm not able to do the same with the IAM User with admin permissions.As the root user,
aws iam list-attached-user-policies --user-name [the_iam_user]and confirm it's definitely got"PolicyName": "AdministratorAccess"and"PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess".And also as the root user,
aws iam list-access-keys --user-name [the_iam_user]theAccessKeyIdis definitely what you expect it to be, and its status isActive?You were right on the money. After running
aws iam list-attached-user-policies --user-name [the_iam_user], I noticedAdministratorAccesswas not one of the policies attached to the IAM user. I was attaching the policies from a group, for some reason the user didn't inherit the permissions of the group. I added the policy directly to the IAM user and that resolved the issue. Thanks a lot for your help.