AccessDenied For ListObjectsV2 Operation For S3 Bucket


Answer :

I'm not sure the accepted answer is actually acceptable, as it simply allows all operations on the bucket. Also the Sid is misleading... ;-)

This AWS article mentions the required permissions for aws s3 sync.

This is how a corresponding policy looks like:

{ "Version": "version_id", "Statement": [     {         "Sid": "AllowBucketSync",         "Effect": "Allow",         "Action": [             "s3:GetObject",              "s3:PutObject",              "s3:ListBucket"         ],         "Resource": [             "arn:aws:s3:::BUCKET-NAME",             "arn:aws:s3:::BUCKET-NAME/*"         ]     } ] } 

Try to update your bucket policy to:

{ "Version": "version_id", "Statement": [     {         "Sid": "AllowPublicRead",         "Effect": "Allow",         "Action": [             "s3:*"         ],         "Resource": [             "arn:aws:s3:::BUCKET-NAME",             "arn:aws:s3:::BUCKET-NAME/*"         ]     } ] } 

I hope you understand this is very insecure.


I had this problem recently. No matter what I did, no matter what permissions I provided, I kept getting "An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied" when running aws s3 ls <bucket>

I had forgotten that I have multiple aws profiles configured in my environment. The aws command was using the default profile, which has a different set of access keys. I had to specify the --profile flag to the command:

aws s3 ls <bucket> --profile <correct profile>

That worked. It's a niche situation, but maybe it'll help someone out.


Comments

Popular posts from this blog

Converting A String To Int In Groovy

"Cannot Create Cache Directory /home//.composer/cache/repo/https---packagist.org/, Or Directory Is Not Writable. Proceeding Without Cache"

Android SDK Location Should Not Contain Whitespace, As This Cause Problems With NDK Tools