Cannot copy certificate file AWS Managed Blockchain

Question

Hi there,

I am following the steps in the aws managed blockchain and I have a problem at step 5.1(https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/get-started-enroll-admin.html). When I run this command:

```
aws s3 cp s3://MyRegion.managedblockchain/etc/managedblockchain-tls-chain.pem  /home/ec2-user/managedblockchain-tls-chain.pem
```
I get the following error:

```
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden
```
Like the guide mentioned, I went to this link(https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/security_iam_hyperledger_ec2_client.html) and followed the steps. However, even after these steps I keep getting the same error.

Any guidance or suggestions would be greatly appreciated!

Answer

Hello

The issue is with the IAM  Role attached to the Ec2 instance, So please check the Role policy again, I have looked the [URL](https://docs.aws.amazon.com/managed-blockchain/latest/hyperledger-fabric-dev/security_iam_hyperledger_ec2_client.html) you have mentioned.

Please recheck the following:

*  Do you put the Correct **REGION_NAME** and **BUCKET_Name** or ARN `"arn:aws:s3:::us-east-1.managedblockchain/*"`is are correct ?

```
    {
      "Sid": "AccessManagedBlockchainBucket",
      "Effect": "Allow",
      "Action": [
        "s3:GetObject"
      ],
      "Resource": "arn:aws:s3:::REGION_NAME.BUCKET_NAME/*"
    },
```
if the policy is correct you shold able to get the file in Ec2.

Please let me know if you have troubles again, I am happy to help you

GK

Cannot copy certificate file AWS Managed Blockchain

Contenus pertinents