CODEWITHSUNDEEP
laravelamazon-web-servicesamazon-s3
Suhadak Akbar
Suhadak Akbar

Reputation: 155

Laravel Manager S3 Bucket got Forbidden (403) Response

I set S3 Bucket as file storage, it is work for read/write through input file. But I got problem when integrating it with Laravel File Manager. When trying to visit /laravel-filemanager/demo, I got error:

Unable to write file at location: files/1/. Error executing "PutObject" on "https://BUCKET.s3.ap-southeast-1.amazonaws.com/files/1/"; AWS HTTP error: Client error: PUT https://BUCKET.s3.ap-southeast-1.amazonaws.com/files/1/ resulted in a 403 Forbidden response: <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>6YBFTW (truncated...) AccessDenied (client): Access Denied - <?xml version="1.0" encoding="UTF-8"?> <Error><Code>AccessDenied</Code><Message>Access Denied</Message>**********</RequestId>************158RzcM/Al09WYc=

Here is the bucket policy:

{
    "Version": "2012-10-17",
    "Id": "Policy1667963254419",
    "Statement": [
        {
            "Sid": "Stmt1667963249364",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:DeleteObject",
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::BUCKET/*"
        }
    ]
}

I think the permission is right. Any idea?

Upvotes: 0

Views: 1719

Answers (1)

Ben Gooding
Ben Gooding

Reputation: 1071

Here is an example reference that I use for a working production app: (although I imagine you don't need the s3-object-lambda)

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*",
                "s3-object-lambda:*"
            ],
            "Resource": [
                "arn:aws:s3:::MY_BUCKET",
                "arn:aws:s3:::MY_BUCKET/*"
            ]
        }
    ]
}

Make sure you have credentials for a user that has that policy attached (ideally a user with only those credentials):

Link just replace USER_XYZ with your user: https://us-east-1.console.aws.amazon.com/iam/home#/users/USER_XYZ?section=security_credentials

To validate whether it is your access key that is incorrect or if it is your Laravel setup, I would test your access using the AWS CLI https://www.ibm.com/support/pages/qradar-how-test-credential-permissions-aws-command-line-interface

Upvotes: 0

Related Questions