3

My folder configuration in Amazon S3 looks like BucketName/R/A/123 now i want to add another folder under my Bucket and want to save data as BucketName/**I**/A/123. When i try to save my data, i get an error:

<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy Condition failed: ["starts-with", "$key", "R/"]</Message></Error>

I understand i need to give some permission for folder I to be created under this Bucket but i am struggling to find where.

Can anyone point me where i need to make a change.

Thanks

Jay
  • 1,037
  • 5
  • 23
  • 41
  • Are you using AWS ClI or AWS Dashboard for above operation? – Piyush Patil May 19 '16 at 12:46
  • @PiyushPatil AWS Dashboard. – Jay May 19 '16 at 13:11
  • What are your permission for the bucket? As I was able to recreate the above scenario without any problem? – Piyush Patil May 19 '16 at 13:33
  • @Jay I am also facing the same issue. Could you please provide me the bucket policy, so that i can also sort out my issue? Thanks :) – Vishal Aug 22 '17 at 06:24
  • @Vishal my error was in code where it was creating policy. You need to check where you are creating the Policy in your code and change the folder configuration. – Jay Aug 22 '17 at 19:24
  • @Jay here is my s3 form: `<%= s3_uploader_form callback_url: '', key: "uploads/${filename}", id: "s3-uploader" do %> <%= file_field_tag :file, multiple: true %> <% end %>`. Is this creating any issue? – Vishal Aug 23 '17 at 03:58
  • @Vishal you should check the path you are trying to upload to with your structure in Amazon S3. If they dont match then you need to change the URL (where you are saving in Amazon S3) in policy. Above doesnt tell me much as its just code for call. – Jay Aug 23 '17 at 15:26
  • @Jay Thanks for the guidance. I have checked my path and its correct. I have posted my query [here](https://stackoverflow.com/questions/45768600/uploading-files-directly-to-s3). Could you please have a look? – Vishal Aug 24 '17 at 03:49

1 Answers1

1

I understand i need to give some permission for folder I to be created under this Bucket but i am struggling to find where.

No, not according to this error message.

You appear to be supplying this policy in your code...

["starts-with", "$key", "R/"]

...and this policy -- part of a form post upload policy document your code is generating -- is telling S3 that you want it to deny an upload with a key that doesn't stat with "R/" ...

If this isn't what you want, you need to change the policy your code is supplying, so that it allows you to name the key the way you want to name it.

Michael - sqlbot
  • 169,571
  • 25
  • 353
  • 427