- Newest
- Most votes
- Most comments
Hello,
It seems you are getting an Access Denied error when trying to resolve an S3 endpoint. This typically occurs when the IAM role being used does not have the necessary permissions to access the S3 bucket. Please check the following :
- Verify the IAM policy attached to the role has permissions to access S3, such as s3:ListBucket.
- Check if the bucket policy allows the IAM principal (role ARN) to access the bucket. Bucket policies override any IAM policies.
- Make sure the S3 endpoint is of type REST API and not website hosting. Website hosting endpoints have different permission requirements.
- If using VPC endpoints for S3, check that the endpoint policy grants access to the necessary principals like the instance profile role.
- Review any condition keys used in the IAM policy. The keys must match the API call context for the policy to take effect.
Refer to the AWS documentation on troubleshooting S3 API access issues for more help. [1] Why am I getting an Access Denied error when I open the URL to an Amazon S3 object that I have access to? https://repost.aws/knowledge-center/s3-access-denied-error [2] How can I troubleshoot an S3AccessDenied error from my file gateway's CloudWatch health logs? https://repost.aws/knowledge-center/file-gateway-troubleshoot-s3accessdenied [3] How can I troubleshoot Amazon S3 endpoint connection test failures when using AWS DMS? https://repost.aws/knowledge-center/dms-connection-test-fail-s3
Relevant content
- AWS OFFICIALUpdated 4 months ago
- How do I update a CloudFormation stack that's failing because of a resource that I manually deleted?AWS OFFICIALUpdated 3 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 4 months ago