Access denied when put bucket policy on aws s3 bucket with root user (= bucket owner)
I have an AWS root user which I used to create a S3 bucket on Amazon.
Now I want to make this bucket public by adding following policy:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<my bucket name>/*"
}]
}
Where is my name of the bucket?
When I trying to save this policy I get a 403 access denied..
I tried explicitly setting the putbucketpolicy permission but it still gives a 403.
Any body that knows why?
This is the image error:
amazon-web-services amazon-s3 root policy bucket
edited Nov 19 at 12:02
kit
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
|
show 5 more comments
I have an AWS root user which I used to create a S3 bucket on Amazon.
Now I want to make this bucket public by adding following policy:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<my bucket name>/*"
}]
}
Where is my name of the bucket?
When I trying to save this policy I get a 403 access denied..
I tried explicitly setting the putbucketpolicy permission but it still gives a 403.
Any body that knows why?
This is the image error:
amazon-web-services amazon-s3 root policy bucket
edited Nov 19 at 12:02
kit
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39
|
show 5 more comments
I have an AWS root user which I used to create a S3 bucket on Amazon.
Now I want to make this bucket public by adding following policy:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<my bucket name>/*"
}]
}
Where is my name of the bucket?
When I trying to save this policy I get a 403 access denied..
I tried explicitly setting the putbucketpolicy permission but it still gives a 403.
Any body that knows why?
This is the image error:
amazon-web-services amazon-s3 root policy bucket
edited Nov 19 at 12:02
kit
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
I have an AWS root user which I used to create a S3 bucket on Amazon.
Now I want to make this bucket public by adding following policy:
{
"Version": "2012-10-17",
"Statement": [{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<my bucket name>/*"
}]
}
Where is my name of the bucket?
When I trying to save this policy I get a 403 access denied..
I tried explicitly setting the putbucketpolicy permission but it still gives a 403.
Any body that knows why?
This is the image error:
amazon-web-services amazon-s3 root policy bucket
amazon-web-services amazon-s3 root policy bucket
edited Nov 19 at 12:02
kit
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
edited Nov 19 at 12:02
kit
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
edited Nov 19 at 12:02
kit
1,1083616
edited Nov 19 at 12:02
kit
1,1083616
edited Nov 19 at 12:02
kit
1,1083616
1,1083616
asked Nov 19 at 11:38
Tijl .Reynhout
233
asked Nov 19 at 11:38
Tijl .Reynhout
233
asked Nov 19 at 11:38
Tijl .Reynhout
233
233
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39
|
show 5 more comments
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39
|
show 5 more comments
2 Answers
2
active
oldest
votes
Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
add a comment |
I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.
permissions
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53373840%2faccess-denied-when-put-bucket-policy-on-aws-s3-bucket-with-root-user-bucket-o%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
add a comment |
Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
add a comment |
Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
answered Nov 20 at 6:43
Huu Phong Nguyen
31527
31527
add a comment |
add a comment |
I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.
permissions
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
add a comment |
I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.
permissions
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
add a comment |
I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.
permissions
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.
permissions
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
edited Dec 10 at 10:18
Artur Carvalho
3,63695382
3,63695382
answered Nov 19 at 12:45
Tijl .Reynhout
233
answered Nov 19 at 12:45
Tijl .Reynhout
233
answered Nov 19 at 12:45
Tijl .Reynhout
233
233
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53373840%2faccess-denied-when-put-bucket-policy-on-aws-s3-bucket-with-root-user-bucket-o%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Could you please verify that the "root" user you have, actually has correct permissions to modify S3?
– AlexK
Nov 19 at 12:05
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy
– Tijl .Reynhout
Nov 19 at 12:37
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] }
– Tijl .Reynhout
Nov 19 at 12:38
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli
– Tijl .Reynhout
Nov 19 at 12:39
Have you attached it to the user?
– AlexK
Nov 19 at 12:39