Omar Dadabhoy

Reputation: 59

Access Denied when trying to download a picture from the aws s3 bucket

I tried using AWSS3TransferUtility to download photos from the AWS S3 bucket and display them in my imageView in an iOS app; however, it gives me an access denied error. I am sure the bucket is open to the public and I set up Cognito, so I have no idea why this is occurring. Does anyone have an idea?

func getPicture() {
    let transferUtility = AWSS3TransferUtility.default()
    let expression = AWSS3TransferUtilityDownloadExpression()

    transferUtility.downloadData(fromBucket: bucket, key: self.currentQuestionData!._userId!, expression: expression) { (task, url, data, error) in
        // On failure (for example AccessDenied) there is no data to show: log and stop
        if let error = error {
            print(error)
            return
        }
        guard let data = data else { return }
        // UI updates must run on the main thread
        DispatchQueue.main.async {
            self.imageView.image = UIImage(data: data)
        }
    }
}


//bucket policy
{
    "Id": "Policy1562706569188",
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1562706565258",
            "Action": "s3:*",
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::schooled-deployments-mobilehub-969166170",
            "Principal": "*"
        }
    ]
}

The error message displayed in the console is

"Error Domain=com.amazonaws.AWSS3TransferUtilityErrorDomain Code=2 "(null)" UserInfo={Server=AmazonS3, Error={ Code = AccessDenied; HostId = "GHIlY6U4nxxqKQ/Bn8lf3FWjFZZmVhxn3DDjc8YUZY2gkguT6qdqhS54PL85AL7KaSU0Q9gSckw="; Message = "Access Denied"; RequestId = EA34AC42C00AE399;"

Upvotes: 2

Views: 1909

Answers (2)

Hafeez

Reputation: 403

Ok, I suffered this same error and kept thinking why should I make the bucket public to get away with this error. Then I realized one kind of silly mistake which I did. While I was adding this storage via Amplify CLI ($amplify add storage) there is an option which asks for "Auth users" or "Auth & Guest". After that there are some choices like

  1. Create/Update
  2. Read
  3. Delete

I chose only option 1, Create/Update, assuming that all users who can create will still be able to see. And that was the mistake. I needed to select both options 1 and 2, which kind of makes sense now.

I had to delete my storage and add it back to debug this. Then it started to work for download and upload also. Please do remember that the public, protected folder is also important.

Hope this helps someone who has the same problem.

Upvotes: 0

John Rotenstein

Reputation: 269101

Some operations are performed on the bucket, while other operations are performed at the object level.

Replace this line:

"Resource": "arn:aws:s3:::schooled-deployments-mobilehub-969166170",

with this:

"Resource": [
    "arn:aws:s3:::schooled-deployments-mobilehub-969166170",
    "arn:aws:s3:::schooled-deployments-mobilehub-969166170/*"
]

That will permit access to the objects.

Upvotes: 2
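
The bucket-versus-object ARN distinction from the answer above, as a small policy check. This is an added example, not code from the question or either answer. It evaluates only Allow statements in a bucket policy (no Deny, Condition, identity policies or Block Public Access); `example-bucket`, the sample key and the read-only variant are constructed assumptions.

```python
import fnmatch

def as_list(value):
    """Policy fields may be a single string or a list of strings."""
    return value if isinstance(value, list) else [value]

def is_public(stmt):
    """True when the statement applies to everyone (Principal "*" or {"AWS": "*"})."""
    p = stmt.get("Principal")
    return p == "*" or (isinstance(p, dict) and "*" in as_list(p.get("AWS", [])))

def allows(statements, action, arn):
    """True if any Allow statement matches both the action and the resource ARN."""
    for stmt in statements:
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        resources = as_list(stmt.get("Resource", []))
        if (any(fnmatch.fnmatchcase(action.lower(), a) for a in actions)
                and any(fnmatch.fnmatchcase(arn, r) for r in resources)):
            return True
    return False

def lint(policy, bucket, sample_key="constructed/key.jpg"):
    """Report the Resource scoping gap and any public grant beyond object reads."""
    statements = as_list(policy["Statement"])
    bucket_arn = f"arn:aws:s3:::{bucket}"
    object_arn = f"{bucket_arn}/{sample_key}"
    findings = []
    # s3:GetObject is evaluated against the object ARN, never the bucket ARN.
    if not allows(statements, "s3:GetObject", object_arn):
        findings.append("object-read-not-granted")
    # Each action is checked against the ARN type it actually applies to.
    beyond_read = {"s3:ListBucket": bucket_arn, "s3:PutObject": object_arn,
                   "s3:DeleteObject": object_arn}
    public = [s for s in statements if is_public(s)]
    findings += [f"public:{a}" for a, arn in beyond_read.items() if allows(public, a, arn)]
    return findings

def make_policy(actions, resources):
    """Constructed single-statement public policy (placeholder bucket name)."""
    return {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": actions, "Resource": resources}]}

B = "arn:aws:s3:::example-bucket"
AS_POSTED = make_policy("s3:*", B)                 # shape of the question's policy
WITH_OBJECTS = make_policy("s3:*", [B, B + "/*"])  # shape after the answer's change
READ_ONLY = make_policy("s3:GetObject", B + "/*")  # narrower grant (assumption)
```

Calling `lint(AS_POSTED, "example-bucket")` shows the missing object grant; the same call on `WITH_OBJECTS` shows that adding `/*` while keeping `s3:*` for `Principal: "*"` also opens object writes and deletes to everyone.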
