Reputation: 731
Policy has invalid action - AWS S3
I'm trying to set up a policy on my S3 bucket, but I'm recieving an error. The error also does not tell me where to look for issues. I saw a similar post here, but since I'm not using IAM roles, I don't believe it's pertinent.
I generated my bucket's policy directly from Amazon's Policy Generator. Here is my policy:
{
"Id": "Policy1512577467217",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1512577462905",
"Action": [
"s3:GetObject",
"s3:ListAllMyBuckets",
"s3:ListBucket",
"s3:ListObjects"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::please-work-god/*",
"Principal": "*"
}
]
}
When I try to save the policy, I see the following message:
Error: Policy has invalid action
Any help would be greatly appreciated.
Upvotes: 2
Views: 4722
Answers (1)
Reputation: 19758
S3 bucket policy Actions are different from IAM policy actions. Following actions are not allowed in Bucket policy, which is the reason for the error.
- s3:ListAllMyBuckets
- s3:ListObjects
For the s3:ListBucket action it requires the arn to have the bucket name as suffix but not /*
You can go through Specifying Permissions in a Policy actions for bucket policies.
Upvotes: 4
Related Questions
- To grant access, policies must have an action that has an applicable resource or condition
- AWS S3 Bucket Policy is not valid
- AWS Bucket Policy Error: Policy has invalid action
- AWS S3 Error 'Policy has invalid resource'
- S3 bucket policy error "Conditions do not apply to combination of actions and resources in statement"
- aws bucket policy editor - Action does not apply to any resource(s) in statement
- Policy has invalid resource
- S3 bucket policy has invalid action
- AWS Bucket Policy Invalid Resource
- Getting error when trying to setup Amazon S3 bucket policy