Bucket policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "statement1",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::$AccountID:user/$username"
},
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket"
],
"Resource": "arn:aws:s3:::$BucketName"
},
{
"Sid": "statement2",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::$AccountID:user/$username"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::$BucketName/*"
}
]
}
From AWS CLI, got the "Access Denied" error when trying the List Bucket command as the above $username:
C:>aws s3api list-buckets --profile $username
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
However, the same command above with the "Default" profile works fine:
C:>aws s3api list-buckets (works fine)
The AWS CLI installed is the latest version as of today, June 9 2023.
The $username has the following IAM policy/permission defined:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::$BucketName" } ] }