0

I am logged in as a root user for aws account. A bucket has been created for static website hosting. I have also unchecked all the options on Public access Settings as you can see in this image below. enter image description here

After that I tried to update the bucket policy to this from docs

{
  "Version":"2012-10-17",
  "Statement":[{
    "Sid":"PublicReadGetObject",
        "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::example-bucket/*"
      ]
    }
  ]
}

But I keep getting Access denied Error. I don't get it what have I missed. I have tried following things.

  • I have found other SO posts this which tells to uncheck block new public bucket policies option which I have already done but why does it not work for me?

  • I destroyed the bucket and redid everything from scratch but same issue persists.

  • I also created a new IAM user with roles to access everything. This also didn't solve the issue.

  • I can however manually change the s3 objects to public through Make Public option in s3 menu under s3 Overview tab. This has been solving my problem temporarily for now but I have to keep doing this every time I re upload the files.

So my Question is. Why do I keep getting access denied even for root user?

enter image description here

Bikal Basnet
  • 1,639
  • 1
  • 21
  • 31

1 Answers1

0

I followed your steps and it worked fine for me:

  • I created a new bucket
  • I clicked on the bucket, went into the Permissions tab and edited the Public access settings
  • I turned off the two settings under Manage public bucket policies for this bucket
  • I added a Bucket Policy by taking your policy (above) and changed the bucket name to match my bucket
  • I successfully saved the Bucket Policy

It then gave me a warning note:

This bucket has public access

You have provided public access to this bucket. We highly recommend that you never grant any kind of public access to your S3 bucket.

I cannot see why you would be receiving Access Denied. My only suggestion is to try it with a different browser just in case there's some strange issue.

You could also add the Bucket Policy via the the AWS CLI: put-bucket-policy — AWS CLI Command Reference

This also successfully added a Bucket Policy onto my bucket.

John Rotenstein
  • 241,921
  • 22
  • 380
  • 470
  • Thank you john, unfortunately even from cli I get the same error. I will try with a brand new aws account just to make sure if this is happening only on my account. – Bikal Basnet Apr 19 '19 at 05:04