Bookmark and Share Subscribe Bookmark and Share

Categories

Advertisement



Access Denied to files in an Amazon S3 Bucket

Dec
19


 « »    

I use a PowerShell script to upload my WordPress content to Amazon’s S3 Storage Services which is globally distributed by Amazon’s Cloudfront service. Recently Amazon changed its default security; if you upload a file to a bucket it does not inherit the buckets top level security. You need to put a Bucket Policy in place. In this example I will set the anonymous users to be able to read objects in the bucket.

Access Denied error:

This is the error you receive when you do not have a Bucket Policy in place.

This XML file does not appear to have any style information associated with it. The document tree is shown below.

- 
AccessDenied
Access Denied
F7A33F55E19C8BFA
-
UHwvZfsh+B9IczJIyrBQOKG1+JRVsybONoS8+pwYvo1DZSvscmdzyCb9OIsnZwZJ

 

 

Creating a Bucket Policy:

You use the AWS Policy Generator to generate a Bucket Policy. There are several examples online and Amazon has a ton of examples.

http://awspolicygen.s3.amazonaws.com/policygen.html

1. Select “S3 Bucket Policy”
2. Set the “Effect” to “Allow”
3. Under “Actions” check off “GetObject”

4. Set the Amazon Resouce Name (ARN) to “arn:aws:s3:::<bucket_name>/<key_name>“, in this case the Bucket name is bucket01 the key is usually set to *
5. Press “Add Statement”

6. Press Generate Policy. This will generate the policy you will need to add to your bucket

7. Copy the policy into your clipboard

8. Open your bucket in the AWS Management Console: http://aws.amazon.com/console/

9. Go to Properties and select “Add bucket policy”

10. Paste the Policy into the Editor
11. Press Save

TIP: Sometimes if you have extra white space or missing a line you will get this error. Go back to the policy generator and re-copy the policy and try it again

When you try to access new uploaded pictures you should be able to see them with no problem now

 


    Did I save you time and headaches? Buy me a cup of coffee.
    The more coffee I drink the more articles I can write.