By using AWS re:Post, you agree to the AWS re:Post Terms of Use

S3 Transfer acceleration Permission

0

How can i setup proper permission for being able to use Transfer acceleration on s3 bucket. I have set up the IAM policy for the user i have Administrator access and also i created a custom policy just for Transfer acceleration but when i try to edit the bucket it says Access Denied. Can someone explain what could the issue be here. Thank you in advance

  • Hi Donoval, could you please post your IAM policy/policies attached to your IAM user/role and bucket policy(if there is one) here.

  • Still facing the issue even after trying all of the following:

    • enabling transfer acceleration as the root user,
    • adding s3:PutAccelerateConfiguration to the only user in the IAM console,
    • adding s3:PutAccelerateConfiguration in the bucket policy,
    • disabling the Block Public Access checkbox. Any guidance would be very much appreciated.
asked a year ago581 views
4 Answers
0

In what region have you setup you S3 bucket? S3 transfer acceleration is supported in the following regions: https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration.html if your bucket is setup in one of the supported regions, in order to troubleshoot this issue and identify the root cause, please open a support case with AWS using the following link: https://console.aws.amazon.com/support/home#/case/create

AWS
answered a year ago
  • My bucket is in us-east-1 it should be supported

0

So S3 Transfer acceleration uses CloudFront in the backend as listed in this whitepaper (https://docs.aws.amazon.com/whitepapers/latest/s3-optimizing-performance-best-practices/use-amazon-s3-transfer-acceleration-to-minimize-latency-caused-by-distance.html)

Cloudfront distribution is always deployed in us-east-1; thus, the verification requirement is us-east-1.

This is a verification mechanism that aws uses so email delivery is standard, what you can also try is to deploy a cloudfront distribution. If it's deployed successfully, s3 acceleration can be enabled.

The other option is that you reach out to AWS support and they can verify your account manually

answered 6 months ago
0

Transfer acceleration was used in AWS Cloudfront on the back end. Because Cloudfront is a global service like IAM etc. validation is a must in us-east-1. You can also contact AWS support to verify your account manually.

answered a month ago
-1

For anyone reaching this page, the issue is account verification in N.virginia region.

Refer to this blog for details - https://engineering.doit.com/amazon-s3-transfer-acceleration-access-denied-how-to-fix-d2494aa95918

answered 6 months ago
  • Even if we have my S3 buckets in any other region (say ap-southeast-2), will we need to run EC2 instances in us-east-1 for a few hours to resolve this?

    But what if we don't get the email you mentioned about request validation?

    It's still not clear.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions