1 Answer
- Newest
- Most votes
- Most comments
0
Rekognition will only have access to a S3 bucket that the user/role who sends the request have access to. So in this case, if you're sending a request from account A with an image that's stored in S3 bucket C that A doesn't have access to, Rekognition won't be able to process your request. If you attach a policy to bucket S that allows access from the user/role of A, then the request should go through. This is basically the case of "When I grant the root of the AWS account to access the bucket, then Rekognition works." If you attach a policy to only allow the service principle to access bucket S, at this point account A would not have access to bucket S, then the requesst would fail.
answered 2 months ago
Relevant content
- asked 2 months ago
- asked 5 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 6 days ago
- AWS OFFICIALUpdated a month ago