S3 Access Denied While using Sync command.

Question

I use Terraform to maintain our AWS architecture.
We have Roles in both staging and prod accounts to deploy our terraform code.
Terraform code is running on ec2 instance in staging and peering connection is made to run on prod account.
While running aws s3 sync command...it works well in staging but Access Denied in prod.
My staging role has sts assumeRole policy  for prod ( I have created buckets and added policies in both accounts ).
This issue arises while running s3 sync command to sync files from particular folder into s3 bucket.
It works fine in Staging ( sync command ) but in prod it raises an error of Access Denied.
Am I missing something that is causing the issue.
My both Roles to Deploy Terraform code has access to all resources with all actions.

Answer

Can you please check if the bucket policy is also updated, something like below.

```
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::AccountB:user/AccountBUserName"
            },
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::AccountABucketName/*"
            ]
        }
    ]
}
```

S3 Access Denied While using Sync command.

相關內容