By using AWS re:Post, you agree to the AWS re:Post Terms of Use

Unable to upload an object to cross account S3 bucket through console - ACLs disabled

0

Hi,

I have an S3 bucket in account A and it has ACLs disabled. Bucket policy allows account B user to upload objects. When I try to use CLI using account B access key, it works fine:

C:\Workspace>aws s3api put-object --bucket cross-account-bucket8211 --key maxi.jpg --body maxi.jpg { "ETag": ""e577962ae3715e26dc32a9c850be4bf9"", "ServerSideEncryption": "AES256" }

**However when I use AWS console, object fails to upload with error : **

Access control list (ACL) not supported Objects can only be added to this bucket if they use no access control list (ACL) or the bucket-owner-full-control canned ACL. Review ACL permissions for the source object and remove ACLs that grant read or write permissions others.

asked 8 months ago495 views
1 Answer
2
Accepted Answer

When you use the AWS CLI with the put-object command, the CLI automatically sets the x-amz-acl header to bucket-owner-full-control, which is a compatible ACL setting for your bucket. This allows the upload to succeed.

💡 You can find more information about the x-amz-acl header and its usage in the Amazon S3 documentation here.

However, in the AWS Console, the default behavior is to use the private ACL when uploading objects (Blocking all public access). Since your bucket has ACLs disabled, the Console upload fails with the error you've encountered.

Blocked All public access


💡 You can learn more about the effects of these rules by visiting the Block public access settings page in the Amazon S3 documentation.

profile picture
EXPERT
answered 8 months ago
profile picture
EXPERT
reviewed 6 months ago
profile pictureAWS
EXPERT
reviewed 8 months ago
  • thanks for all the details. Is there a way to pass x-amz-acl when I upload through console? or do I have to enable ACL on my bucket to allow console to upload?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions