How to fix Syntax Error when editing Bucket Policy?

0

I'm in the process of setting up CloudFront. I'm at the step where I have to edit my current bucket policy.

On the Edit bucket policy page, when I click edit, there is already a Statement there ID name = "S3-Console-Auto-Gen-Policy". So when I paste the new one in at the end, I get a "Fix all syntax errors to view this panel." error message. Should I replace the previous policy, or paste the new one on the next empty line?

Screenshot part1 Screenshot part2

3 Answers
1
Accepted Answer

Hello,

To resolve the "Fix all syntax errors to view this panel" error when editing your S3 bucket policy, follow these steps:

Replace the Existing Policy: Overwrite the current policy with the new one instead of appending it. Ensure the syntax and structure of the policy are correct.

Combine Policies: If you need to retain both policies, combine them into a single policy with multiple statements. Here's an example:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "logging.s3.amazonaws.com"
            },
            "Action": [
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::example-s3-1/*",
                "arn:aws:s3:::example-s3-2/*"
            ],
            "Condition": {
                "StringEquals": {
                    "aws:SourceAccount": "11111111111111"
                }
            }
        },
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::your-bucket-name/*"
        }
    ]
}
profile picture
EXPERT
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
profile picture
EXPERT
Sandeep
reviewed 3 months ago
1

Hello.

Please overwrite the existing bucket policy.
If the ARN of the S3 bucket listed in the statement section is different, please list the resources and enter multiple ARNs.
The bucket policy below is an example, but if you list the resource section, it will look like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "logging.s3.amazonaws.com"
            },
            "Action": [
                "s3:PutObject"
            ],
            "Resource": ["arn:aws:s3:::example-s3-1/*","arn:aws:s3:::example-s3-2/*"],
            "Condition": {
                "StringEquals": {
                    "aws:SoruceAccount": "11111111111111"
                }
            }
        }
    ]
}
profile picture
EXPERT
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
profile picture
EXPERT
reviewed 3 months ago
0

I replaced the original policy and the error has gone. I hope I didn't need the original one. Thanks for your help everyone.

answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions