Denis Morin
Reputation: 83
Aws::S3::Errors::AccessDenied when trying to write using rails apps
we are builder a staging server, and to do it we clone our production server. So I create a new bucket for staging and I copy all the content of the production bucket into the staging bucket using the interface provided in Amazon S3 (copy/paste).
The staging application can read and delete file from the staging bucket without problems, but I can't write new file...
Is somebody have an idea? I paste here the policy I have configured:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutAnalyticsConfiguration",
"s3:GetObjectVersionTagging",
"s3:CreateBucket",
"s3:ReplicateObject",
"s3:GetObjectAcl",
"s3:DeleteBucketWebsite",
"s3:PutLifecycleConfiguration",
"s3:GetObjectVersionAcl",
"s3:PutBucketAcl",
"s3:PutObjectTagging",
"s3:DeleteObject",
"s3:GetIpConfiguration",
"s3:DeleteObjectTagging",
"s3:GetBucketWebsite",
"s3:PutReplicationConfiguration",
"s3:DeleteObjectVersionTagging",
"s3:GetBucketNotification",
"s3:PutBucketCORS",
"s3:DeleteBucketPolicy",
"s3:GetReplicationConfiguration",
"s3:ListMultipartUploadParts",
"s3:PutObject",
"s3:GetObject",
"s3:PutBucketNotification",
"s3:PutBucketLogging",
"s3:PutObjectVersionAcl",
"s3:GetAnalyticsConfiguration",
"s3:GetObjectVersionForReplication",
"s3:GetLifecycleConfiguration",
"s3:ListBucketByTags",
"s3:GetInventoryConfiguration",
"s3:GetBucketTagging",
"s3:PutAccelerateConfiguration",
"s3:DeleteObjectVersion",
"s3:GetBucketLogging",
"s3:ListBucketVersions",
"s3:ReplicateTags",
"s3:RestoreObject",
"s3:ListBucket",
"s3:GetAccelerateConfiguration",
"s3:GetBucketPolicy",
"s3:GetObjectVersionTorrent",
"s3:AbortMultipartUpload",
"s3:PutBucketTagging",
"s3:GetBucketRequestPayment",
"s3:GetObjectTagging",
"s3:GetMetricsConfiguration",
"s3:DeleteBucket",
"s3:PutBucketVersioning",
"s3:PutObjectAcl",
"s3:ListBucketMultipartUploads",
"s3:PutMetricsConfiguration",
"s3:PutObjectVersionTagging",
"s3:GetBucketVersioning",
"s3:GetBucketAcl",
"s3:PutInventoryConfiguration",
"s3:PutIpConfiguration",
"s3:GetObjectTorrent",
"s3:ObjectOwnerOverrideToBucketOwner",
"s3:PutBucketWebsite",
"s3:PutBucketRequestPayment",
"s3:GetBucketCORS",
"s3:PutBucketPolicy",
"s3:GetBucketLocation",
"s3:ReplicateDelete",
"s3:GetObjectVersion"
],
"Resource": [
"arn:aws:s3:::naturebooker-staging",
"arn:aws:s3:::naturebooker_staging/*"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:HeadBucket",
"s3:ListObjects"
],
"Resource": "*"
}
]
}
Upvotes: 2
Views: 353
Answers (2)
Gary Vernon Grubb
Reputation: 11215
Please check if the resource name is correct. I see _ instead of -
Upvotes: 2
Related Questions
- I have full S3 permissions, confirmed with simulator, but getting an access denied using AWS S3 SDK for Rails
- AWS::S3::Errors::AccessDenied. Cannot save to S3 with Ruby on Rails
- AWS::S3::Errors::AccessDenied: Access Denied when trying to do copy_to
- Aws::S3::Errors::AccessDenied: Access Denied
- Trying to set up Amazon's S3 bucket: 403 Forbidden error & setting permissions
- Access denied with root user s3, with Ruby on Rails
- 403 Forbidden for amazon s3 put api to upload file in Rails App
- AWS::S3::Errors::InvalidAccessKeyId
- Amazon S3 GET object Access Denied
- AWS-SDK Rails 3.1 Ruby 1.9.3 Writes fail