Amazon S3 IAM User can' access S3 bucket

0
votes

My users get the message

You don't have permissions to use the Amazon S3 Console

I don't understand why. The users belong to a group that has this policy I made with the help of the Policy Generator

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1449507915000",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::fouraxis"
            ]
        }
    ]
}

In the Policy Generator I selected the following:

Effect: Allow

AWS Service: Amazon S3

Amazon Resource Name (ARN): "arn:aws:s3:::fouraxis"

The bucket name is fouraxis

Clearly, I'm missing something.

1
amazon-web-servicesamazon-s3
dup? stackoverflow.com/questions/26600137/…Jon B

1 Answers

6
votes

The S3 console uses the s3:ListAllMyBuckets API method to drive the UI. You would need to add this permission for users to log into the console and browse S3.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1449507915000",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::fouraxis"
            ]
        },
        {
            "Sid": "ListAllBuckets",
            "Action": "s3:ListAllMyBuckets",
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}