Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

S3, Error executing "PutObject"

0

Hello. I was changing user rights (IAM) and broke something. Now my site is not uploading images to S3.

I use CloudFront ..

Error executing "PutObject" on "https://s3.eu-central-1.amazonaws.com/.../iblocks/31001/img/31001.png"; AWS HTTP error: Client error: `PUT https://s3.eu-central-1.amazonaws.com/.../iblocks/31001/img/31001.png` resulted in a `403 Forbidden` response:
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided (truncated...)
InvalidAccessKeyId (client): The AWS Access Key Id you provided does not exist in our records. - <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidAccessKeyId</Code><Message>The AWS Access Key Id you provided does not exist in our records.</Message><AWSAccessKeyId>AKIAQ2UKU7ZBF5ATGKPA</AWSAccessKeyId><RequestId>YSJ3RF5Z0GZ0ZR88</RequestId>

Bucket policy:
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::...:user/superadmin"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::backet",
                "arn:aws:s3:::backet/*"
            ]
        }
    ]
}
Tópicos
ArmazenamentoSegurança, identidade e conformidade
Tags
Serviço de armazenamento simples da AmazonPolíticas do IAM
Idioma
English
rePost-User-1980772
feita há um ano2599 visualizações
2 Respostas
1

The error message is saying that your IAM access key is either invalid (formatting issue, maybe?) or it isn't valid (it has been revoked from within the console). You can generate a new IAM access key in the console and then put it into your application.

Given that you've put the access key out in public, I'd be cancelling it anyway. While it's only one half of your credentials it's better to keep both parts (the access key and the secret access key) confidential.

Note that we discourage the use of long-lived credentials - if possible! It's much better security practice. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html

profile pictureAWS
ESPECIALISTA
Brettski-AWS
respondido há um ano
  • rePost-User-1980772
    há um ano

    Thanks, but I created new IAM access keys in the console. It doesn't help.

  • rePost-User-1980772
    há um ano

    I added info about Bucket policy in my question

  • Brettski-AWS ESPECIALISTA
    há um ano

    This isn't an issue with the bucket policy - that would give you an "Access Denied" error.

  • rePost-User-1980772
    há um ano

    Maby it is about Object Ownership in AWS? Or maby some cache in the AWS or the server. How can i check with which keys i use AWS through SDK PHP (some logs).

  • rePost-User-1980772
    há um ano

    I deployed the site locally, the images began to upload successfully. It seems AWS stopped liking my server.

0

Why is Action "Action": "s3:*". Shouldn't it be s3:PutObject and s3:GetObject?

https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html

jschwar313
respondido há um ano

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante