timgavin
timgavin

Reputation: 5166

Amazon S3 Can't Delete Object via API

I'm setting up a new policy so my website can store images on S3, and I'm trying to keep it as secure as possible.

I can put an object and read it, but can not delete it, even though it appears I've followed the recommendations from Amazon. I am not using versioning.

What am I doing wrong?

Here's my policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObjectAcl",
                "s3:GetObject",
                "s3:DeleteObjectVersion",
                "s3:PutLifecycleConfiguration",
                "s3:DeleteObject",
                "s3:ListObjects"
            ],
            "Resource": "*"
        }
    ]
}

Upvotes: 0

Views: 182

Answers (1)

timgavin
timgavin

Reputation: 5166

After screwing around with multiple permission actions it turns out I needed to add s3:ListBucket and s3:ListObjects. Once added I can now delete objects.

Upvotes: 1

Related Questions