Ruby Amazon S3 Access Denied when listing buckets

Question

Ruby newb here.

I was given access creds to data on the amazon cloud. Im beginning to think the access keys are off but I could be wrong. Someone help!

I have the aws folder as a plugin

>> Version
=> "0.6.3"

>> AWS::S3::Base.establish_connection!(:access_key_id =>'*******', :secret_access_key => '*****')
=> #<AWS::S3::Connection:0x007fd0539bb4c0 @options={:server=>"s3.amazonaws.com", :port=>80, :access_key_id=>"****", :secret_access_key=>"****"}, @access_key_id="****", @secret_access_key="****", @http=#<Net::HTTP s3.amazonaws.com:80 open=false>>

>> AWS::S3::Service.buckets   
=> AWS::S3::AccessDenied: Access Denied

from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/error.rb:38:in `raise'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/base.rb:72:in `request'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/base.rb:88:in `get'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/service.rb:21:in `buckets'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/extensions.rb:183:in `block in buckets'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/extensions.rb:152:in `expirable_memoize'
from /Users/PBR/.rbenv/versions/1.9.2-p290/lib/ruby/gems/1.9.1/gems/aws-s3-0.6.3/lib/aws/s3/extensions.rb:182:in `buckets'

Note that the secret access key was visible to at least me and perhaps one other person... (_Viewed 2 times_ in the sidebar.) — sarnold, Jun 21 '12 at 22:55
Do you have proper permissions within your S3 buckets to allow access with those keys? — John, Jun 22 '12 at 18:27
Hey John. Thanks. When you refer to permissions do you mean the access keys? Because as far as im concerned they are correct but they are from a client. — im_benton, Jun 22 '12 at 23:11
@Viccari you got it. Thanks! Let me know if you have any more questions about my process. — im_benton, Nov 25 '12 at 20:08

score 19 · Answer 1 · answered Nov 22 '14 at 22:22

19

I had to go IAM -> Users -> "Attach User Policy" and make my user admin

answered Nov 22 '14 at 22:22

Foad

390
3
6

score 7 · Accepted Answer · answered Jun 10 '13 at 17:17

7

You can fix this in following way.

First go to s3 console in amazon.
Then click on bucket.
Then click on properties tab in right side.
Then click on permission options
Click on add more permission
Check the all checkbox and save it.

answered Jun 10 '13 at 17:17

Sandip Mondal

921
7
12

15

This defeats the whole purpose of security policies. – Todor Kolev May 29 '15 at 12:40
3

Attaching the "AmazonS3FullAccess" policy should be sufficient. – randallreedjr Oct 02 '15 at 18:10

score 3 · Answer 3 · answered Dec 05 '15 at 18:48

3

IAM, Groups where your user have been part of, and add S3FullAccess or S3 ReadOnlyAccess

answered Dec 05 '15 at 18:48

karthikeayan

4,291
7
37
75

score 2 · Answer 4 · answered Nov 25 '12 at 20:07

2

Turns out my Access Keys were invalid. I had the admin grant me further permissions and it finally worked.

Thanks!!

answered Nov 25 '12 at 20:07

im_benton

2,541
4
21
30

score -2 · Answer 5 · edited Nov 09 '16 at 21:06

-2

The correct answer to this is definitely: IAM -> Users -> "Attach User Policy" and make your user admin

edited Nov 09 '16 at 21:06

Nissa

4,636
8
29
37

answered Nov 09 '16 at 19:47

Stewart

1
1

Giving out AdministratorAccess is a very bad idea because if anyone was to compromise that user then they could spin up 20 servers in all regions very easily. That is bad because it would cost you a lot of money. Instead, use S3FullAccess, S3ReadOnly or ideally, use more restrictive access policies like are shown here https://aws.amazon.com/blogs/security/writing-iam-policies-how-to-grant-access-to-an-amazon-s3-bucket/ – DrColza Aug 08 '18 at 17:32

Ruby Amazon S3 Access Denied when listing buckets

5 Answers5

Linked