Unable to write to output file
Hello folks
This is the contionutation of the previos thread started on stackoverflow by our previous devops. Now i am working on this issue. https://stackoverflow.com/questions/65288790/what-permissions-s3-needs-for-aws-mediaconverter-to-have-access-to-write-files
Checked almost everything:
-Bucket permissions
-User permissions
-Service role
-ACL
-App code (added BUCKET_OWNER_FULL_CONTROL as were advised previously)
But nothing solves this issue.
Still getting the error:
Unable to write to output file [s3://{some bucket here}/{path_to_file}]:
Failed to write data: Access Denied, Error code 1401.
Please, help to find the root cuase an fix it. Cause we all are tired of this annoing issue. Only one thing "helps" with the issue when to change bucket principal from Cloudfront Origin Access ID to "*". After this is done we can write to the bucket but it becomes public what is not acceptable for us cause we want to have it private with ACL accesss. In ACL we have only one grantee - bucket owner (root).
- 최신
- 최다 투표
- 가장 많은 댓글
Well. The issue was in not propper MediaConverter Role. Created the new MediaConverter role and granted the PassRole for media converter service for s3 user and looks like it works now (somehow). But only mp4 files can be converted normally while other video formats are still greyed out. Thereby looks like it is another story.
Edited by: kostyanius on Apr 27, 2021 1:32 AM
Hi,
Matthew from the AWS Team here.
Nice work on solving the permissions issues you noticed, please do share if you experience permissions issues related this going forward.
Regarding greyed out file formats:
- What file types are you seeing this issue with?
- Can you share what you're seeing with screenshots?
- Do you have an example of any failed job? If so, please feel free to share your account ID and Job ID in a private message.
Hello
I think i could provide job json but not AWS Account ID.
So as i am not sure that you are not fraud))
Thereby - no any personal data. Sorry.)
Edited by: kostyanius on Apr 27, 2021 3:41 AM
Hi,
I understand and pleased to see you're focused on security.
For your information, Amazon AWS Employees on the AWS forum have the small Amazon logo next to their username. They also have a forum level of Amazonian.
However, I appreciate your position on this!
The reason we sometimes need your AWS Account ID is to find your specific job which failed, using this we are also able to download your JSON. AWS employees will request this information via private message only.
The only alternative option I can suggest is to look at AWS Developer Support services.
Focusing on your greyed out files:
- is this still an issue?
- What were the file formats affected?
- Please detail any steps leading up to you noticing the greyed out files.
Best regards,
Matthew
