Reputation: 127
ASP.NET Core 2 Web API AWS .NET SDK S3 Access Denied
I'm developing a web api using .NET Core 2 on a Windows laptop. I'm trying to access my S3 bucket and am getting an Access Denied error.
Interesting thing is that it works with the AWS CLI.
My appSettings.Development.json file:
"AWS": {
"Profile": "my-profile",
"Region": "us-east-1"
}
Startup.cs file:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
var options = Configuration.GetAWSOptions();
services.AddDefaultAWSOptions(Configuration.GetAWSOptions());
services.AddAWSService<IAmazonS3>();
}
BucketController.cs file:
public async Task<IEnumerable<string>> Get()
{
// List all objects
ListObjectsRequest listRequest = new ListObjectsRequest
{
BucketName = "shel-bucket"
};
ListObjectsResponse listResponse;
do
{
// Get a list of objects
listResponse = await _client.ListObjectsAsync(listRequest);
foreach (S3Object obj in listResponse.S3Objects)
{
Console.WriteLine("Object - " + obj.Key);
Console.WriteLine(" Size - " + obj.Size);
Console.WriteLine(" LastModified - " + obj.LastModified);
Console.WriteLine(" Storage class - " + obj.StorageClass);
}
// Set the marker property
listRequest.Marker = listResponse.NextMarker;
} while (listResponse.IsTruncated);
return null;
}
The error I get is AmazonS3Exception: Access Denied.
When I do it from the AWS CLI it works.
aws --profile my-profile s3 ls shel-bucket
PRE test1/
PRE images/
PRE projects/
PRE test4/
My credentials and confil files are in the default location in .aws.
Upvotes: 3
Views: 3907
Answers (4)
Reputation: 146
- I have solved with following below steps
- Goto AWS IAM service
- Select Users
- Click Add Permissions
- Give access to S3 and try now.
Upvotes: 2
Reputation: 109
Check your permissions for file write/read access in your account or try this through coding
CannedACL = S3CannedACL.BucketOwnerFullControl
It resolved my problem when I faced the same Issue.
Upvotes: 2
Reputation: 1
I tried all of this and it worked when deploying to AWS Lambda but never worked in my local environment. I resolved it by creating a new S3Client myself instead of injecting it:
var S3Client = new AmazonS3Client(Amazon.RegionEndpoint.USWest2);
Upvotes: 0
Reputation: 670
In your code, try replacing your Startup with:
public void ConfigureServices(IServiceCollection services)
{
services.AddMvc();
services.AddSingleton<IS3Service, S3Service>();
services.AddAWSService<IAmazonS3>();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseMvc();
}
You first need to install in the Package Manager Console:
`Install-package AWSSDK.Extensions.NETCORE.Setup`
`Install-package AWSSDK.S3`
Then you need to have the credentials file in the directory:
`C:\Users\username\.aws\credentials`
The credential file should have this format:
[default]
aws_access_key_id=[Write your access key in here]
aws_secret_access_key=[Write your secret access key in here]
region=[Write your region here]
I uploaded in github an example of a basic CRUD in ASP.NET CORE for S3 buckets.
Upvotes: 2
Related Questions
- AWS .NET SDK configure S3 Client with ASP.NET Core Dependency Injection
- S3 and .net Amazon SDK - GetObject is inaccessible due to protection level
- .NET Core 3.x setting development AWS credentials
- AWS S3 - Access denied , Request is not yet valid
- "Exception has been thrown by the target of an invocation" error when injecting Amazon S3 Service in ASP .Net Core constructor
- .NET Core 2.0 add service IAmazonS3
- Configuring AWS S3 Client in .NET Core
- AWS .NET SDK: cannot access S3 from S3 endpoint
- Amazon S3: GetObject Request throwing an exception "Access denied" 403
- AWS SDK for .NET can't access credentials with IIS