Reputation: 15559
I want to create a policy to allow everyone to read my S3 bucket. This is the policy that I have created (I am following this guide):
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::my-s3-bucket/*",
      "Principal": "*"
    }
  ]
}
I cannot create this policy; this is the error that I am getting:
This policy contains the following error: Has prohibited field Principal For more information about the IAM policy grammar, see AWS IAM Policies
Upvotes: 2
Views: 2373
Reputation: 15559
The problem was, I was creating the new Policy in IAM. I had to add the policy in S3, as a bucket Policy:
Select S3 Bucket -> Permissions -> Bucket Policy: paste the policy here
Note: If you want to grant read permission to an anonymous user at the bucket level, then you need to turn off the following two settings.
Upvotes: 2
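An added example (not part of the original answers): a small Python check that reports whether a policy document carries a `Principal`, which means it has to be attached as a resource-based (bucket) policy rather than created in IAM, and which statements open objects to anonymous callers. The function names and the second sample policy are constructed for illustration.

```python
import json

def _as_list(value):
    """Policy grammar allows a single value or a list for these elements."""
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    """True for "*" or {"AWS": "*"}, the two spellings of 'everyone'."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS", []))
    return False

def review_policy(policy_json):
    """Classify a policy document and list grants open to anonymous callers.

    kind   - "resource-based" if any statement has Principal/NotPrincipal
             (IAM rejects these as identity policies), else "identity-based"
    public - (actions, resource) pairs from Allow statements whose principal
             is anonymous and that have no Condition narrowing the grant
    """
    doc = json.loads(policy_json)
    kind, public = "identity-based", []
    for stmt in _as_list(doc.get("Statement", [])):
        if "Principal" in stmt or "NotPrincipal" in stmt:
            kind = "resource-based"
        if (stmt.get("Effect") == "Allow"
                and _is_anonymous(stmt.get("Principal"))
                and not stmt.get("Condition")):
            for resource in _as_list(stmt.get("Resource", [])):
                public.append((_as_list(stmt.get("Action", [])), resource))
    return {"kind": kind, "public": public}

# The policy from the question, bucket name as posted there.
QUESTION_POLICY = """{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": ["s3:GetObject"],
  "Resource": "arn:aws:s3:::my-s3-bucket/*", "Principal": "*"}]}"""

# Constructed variant without Principal: valid as an IAM identity policy,
# where the principal is whoever the policy is attached to.
IDENTITY_POLICY = """{"Version": "2012-10-17", "Statement": [{
  "Effect": "Allow", "Action": "s3:GetObject",
  "Resource": "arn:aws:s3:::my-s3-bucket/*"}]}"""

if __name__ == "__main__":
    for name, text in (("question", QUESTION_POLICY), ("identity", IDENTITY_POLICY)):
        print(name, review_policy(text))
```

Running a check like this over bucket policies before they are applied makes an intentional public-read grant visible in review and catches an unintended one.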
Reputation: 3203
I have generated the policy which you want using the Policy Generator.
{
  "Id": "Policy1567210887639",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1567210883302",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-s3-bucket/*",
      "Principal": "*"
    }
  ]
}
Check if this works for you.
Upvotes: 1