jamesdeath123
Reputation: 4608
aws policy for read/write to a file within a bucket
I have the following s3 structure:
bucket name: test-bucket
file: test.json
And I have the following aws policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:PutObject",
"Action": "s3:GetObject",
"Action": "s3:DeleteObject",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::test-bucket"
}
]
}
And this policy is attached to a user with access key 123.
When I try to put or get the test.json in the test-bucket using the sdk as this:
BasicAWSCredentials awsCreds = new BasicAWSCredentials("123", "secretKeyId");
s3Client = AmazonS3ClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(awsCreds))
.withRegion("US-EAST-1")
.build();
s3Client.putObject(new PutObjectRequest("test-bucket", "test.json", file));
This will give the access deny problem.
If I change the policy's resource to
"Resource": "*"
then it will work. I just want to make sure the resource I put is in correct format. What went wrong?
Upvotes: 0
Views: 131
Answers (1)
Vor
Reputation: 35099
You need to let amazon know that beside your bucket you also want to access content of your bucket.
So change resource from:
"Resource": "arn:aws:s3:::test-bucket"
To something like:
"Resource": [
"arn:aws:s3:::test-bucket",
"arn:aws:s3:::test-bucket/*"
]
Upvotes: 1
Related Questions
- how to set permissions to a single file in a bucket for amazon aws using java
- AWS: Does my S3 bucket need a policy for files to be readable from my application?
- Issuing uploading file to Amazon S3 Bucket. using the AWS SDK for Java v2
- How to read a file from an Amazon S3 bucket using the AWS SDK for Java V2
- Put/read files on S3 bucket using JAVA
- Upload a file to AWS S3 with public access granted
- Read and write to a file in Amazon s3 bucket
- Upload file to S3 bucket using IAM credentials and policy Java AWS SDK
- Limit write access to JSON file on AWS S3 server
- How can I simultaneously read and write a file in S3?