Access denied when put bucket policy on aws s3 bucket with root user (= bucket owner)

11
votes

I have an AWS root user which I used to create a S3 bucket on Amazon.
Now I want to make this bucket public by adding following policy:

{
   "Version": "2012-10-17",
   "Statement": [{
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::<my bucket name>/*"
   }]
}

Where <my bucket name> is the name of the bucket. When I try to save this policy I get a 403 access denied.

I tried explicitly setting the s3:PutBucketPolicy permission but it still gives a 403. Anybody knows why?

This is the image error:

image of the aws error message

2
amazon-web-servicesamazon-s3rootpolicybucket
Could you please verify that the "root" user you have, actually has correct permissions to modify S3? - AlexK
Doesn't the root user always have full access to the bucket if he created it? I also cretaed an IAM user with permissions for the bucket and that user also can't adjust bucket policy - Tijl .Reynhout
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:PutBucketPolicy", "Resource": "arn:aws:s3:::bucketname" } ] } - Tijl .Reynhout
that is the policy for the IAM user but het still can't change the bucket policy. Even tried through the aws cli - Tijl .Reynhout
Have you attached it to the user? - AlexK

2 Answers

15
votes

Capture on my AWS S3

Uncheck 2 rows for fixing the access denied. But please remember reading it clearly and consider it before you create a new bucket. Permission is really important.

4
votes

I've tried creating a new bucket and by setting the following permission parameters unchecked (false) the bucket policy can now be adjusted to make the bucket objects public. Afterwards I ticked off the four previous checkboxes and now it works.

permissions