noetix
Reputation: 4923
Why I’m getting an `AccessDenied` when trying to upload to my S3 bucket with `PutObject` permissions?
Any idea why I’m getting an AccessDenied error when trying to upload to my S3 bucket?
serverless.yml:
service: foo-service
custom:
bucket: my-bucket-name
provider:
name: aws
iamRoleStatements:
- Effect: Allow
Action:
- s3:PutObject
Resource: "arn:aws:s3:::${self:custom.bucket}/*"
functions:
hello:
handler: handler.hello
environment:
BUCKET: ${self:custom.bucket}
I'm trying to add a file to S3 with public-read permissions.
Upvotes: 1
Views: 213
Answers (1)
noetix
Reputation: 4923
The s3:PutObject permission alone allows you to add an item to the S3 bucket, but if you configure any ACL attributes you'll need the additional permission s3:PutObjectAcl.
It should be like this:
provider:
name: aws
iamRoleStatements:
- Effect: Allow
Action:
- s3:PutObject
- s3:PutObjectAcl
Resource: "arn:aws:s3:::${self:custom.bucket}/*"
Upvotes: 1
Related Questions
- Getting Access Denied when calling the PutObject operation with bucket-level permission
- An error occurred (AccessDenied) when calling the PutObject operation: Access Denied but works on my system
- AWS S3 permissions - error with put-bucket-acl
- Access Denied when trying to PutObject to s3
- A client error (AccessDenied) occurred when calling the PutObject operation: Access Denied
- S3 PutObject Access Denied when deploying to
- Access Denied Error uploading object to s3 bucket
- AWS IAM not allowing PutObject
- Amazon S3 Put Object 403 Forbidden Error
- AWS IAM GroupPolicy - Why is the s3:PutObject permission not working?