CODEWITHSUNDEEP
amazon-web-servicesamazon-s3
max pleaner
max pleaner

Reputation: 26778

cant upload files to s3 with awscli - access denied

Here's the step's I've taken:

  1. create a s3 bucket, copy the permission policy for public reads (see below)
  2. Enable static web hosting and set the root to index.html (which hasn't been uploaded yet)
  3. Try and use the web interface to upload a folder, but it's not supported on Linux
  4. run awscli configure and enter my access token, secret token, region
  5. edit ~/.aws/config and add signature_version = s3v4 (this is to avoid an error if I leave this out)
  6. Try aws s3 sync . s3://my-music

  7. See this error:

    An error occurred (AccessDenied) when calling the ListObjects operation: Access Denied Completed 1 part(s) with ... file(s) remaining

With no other info.

the bucket policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadForGetBucketObjects",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-music/*"
        }
    ]
}

I have to say I don't know much about policy / iam on aws. I really just want to upload a static website and visit it, shouldn't be too hard right? Except the website has a lot of files, and I need to bulk-upload them somehow. If it makes any difference, I did create a iam user and that is the credentials I am using for access / secret token.

Upvotes: 3

Views: 2036

Answers (1)

max pleaner
max pleaner

Reputation: 26778

I had failed to attach a policy to my new IAM user.

I visited https://console.aws.amazon.com/iam/home

and clicked the new user, this brought up a button to attach a policy.

I added the first policy there ("administrator access"), and that was all I needed to do.

Upvotes: 1

Related Questions