Include s3:ListObjectsV2 as action in bucket policy

Question

For some reason I'm not able to include ListObjects or ListObjectsV2 as action in a S3 bucket policy. When trying to save a policy including:  
  
        {  
            "Sid": "aaaa",  
            "Effect": "Allow",  
            "Principal": "*",  
            "Action": "s3:ListObjectsV2",  
            "Resource": "arn:aws:s3:::_bucket_"  
        }  
  
I get an error:  
  
Unknown Error - An unexpected error occurred.  
API response  - Policy has invalid action  
  
The same happens with ListObjects. Including other actions is ok, including GetObject and PutObject:  
 {  
            "Sid": "aaaa",  
            "Effect": "Allow",  
            "Principal": "*",  
            "Action": \[  
                "s3:PutObject",  
                "s3:GetObject"  
            ],  
            "Resource": "arn:aws:s3:::bucket/*"  
  }  
  
I try to access files from a bucket assessible to authenticated users via the aws cli. I'm able to download files using aws cp, but when trying aws ls, I get the error message:  
  
An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied  
  
I've been searching the web without finding an answer, so I hope somebody can help....  
  
Edited by: jehake on Mar 5, 2021 12:11 AM

Answer

Hi,  
  
Kindly note ListObjects or ListObjectsV2 is the name of the API call that lists the objects in a bucket. You will need to use s3:ListBucket in the action element to allow a user to list the objects in a bucket.  
  
https://aws.amazon.com/premiumsupport/knowledge-center/s3-access-denied-listobjects-sync/  
  
Here is how I would write the policy to list the objects in a bucket.  
  
{  
    "Version": "2012-10-17",  
    "Id": "S3PolicyId1",  
    "Statement": \[  
        {  
            "Sid": "AllowList",  
            "Effect": "Allow",  
            "Principal": "*",  
            "Action": "s3:ListBucket",  
            "Resource": "arn:aws:s3:::bucketname"  
        }  
    ]  
}  
  
Regards,  
Pavithra

Answer

Hello jehake, Has your problem of your code been resolve? Let us know. Also, remember to click on the "Accept" button when an answer provided in the community helped you. This allows other community members to also benefit from it. Thank you for your participation.

Include s3:ListObjectsV2 as action in bucket policy

相關內容