S3 Bucket Permissions

0
votes

I have an s3 bucket with the policy

{
    "Version": "2008-10-17",
    "Id": "Policy1412967758094",
    "Statement": [
        {
            "Sid": "Stmt1412967757168",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::bucketname/*"
        }
    ]
}

a cors configuration of 

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
    <CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
    </CORSRule>
</CORSConfiguration>

and full permissions for Me and Authenticated Users.

I have used these permissions before (usually just getObject on the policy) to set up buckets for serving a web sites static assets. When I upload files to these buckets through the GUI, everything works fine and I can view the images by right clicking open.

However, using s3cmd and my secret key and access key with s3cmd sync, no permissions are attached to the files inside the bucket. I can not view them or open them.

What am I missing?

1
amazon-web-servicesamazon-s3s3cmd

1 Answers

0
votes

I'm not sure why you're setting access for Authenticated Users....Authenticated Users with the bucket policy you have configured would share the bucket with all S3 users, not just your IAM accounts.

But, for your ACL problem, you can specify an ACL with s3cmd....set owner to full control by specifying --acl-private in your command.

You might also try the AWS CLI...there's a high-level aws s3 command set with ls, mv, cp, rm, sync, etc. do "aws cmd help" to see all the options. Plus syntax is consistent across platforms.