Questions tagged with Amazon Simple Storage Service

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

I have granted full access using bucket policy to Anonymous user. With this setting, can anyone upload the objects? If yes, what is the procedure and commands/options using CLI to upload?
0
answers
0
votes
3
views
profile picture
asked 3 hours ago
Hi, I have a case where I would like to store third-parties certificates in our AWS account. We **MUST NOT** have access to their private, only public keys. What would you recommend to store public keys certificate, which belong to external clients, in AWS?
2
answers
0
votes
18
views
alatech
asked 18 hours ago
hello, i have already set up cloudfront ditributions accessing to public s3e buckets and now i am trying to follow the "option 1" of this post https://aws.amazon.com/it/premiumsupport/knowledge-center/cloudfront-access-to-amazon-s3/ to allow the access to my s3 only from a cloudfront distribution. after having completed all the steps if i try to get any resource, for example https://d3ivmkao0hsjcl.cloudfront.net/FILE_ESERCIZI/1/Air_bike_13_MP4_1000_18MG_1000p.m3u8, i obtain this error ``` <Error> <Code>SignatureDoesNotMatch</Code> <Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message> <AWSAccessKeyId>ASIA5EJGWF5XU7GEHKG2</AWSAccessKeyId> <StringToSign>AWS4-HMAC-SHA256 20230127T103516Z 20230127/eu-central-1/s3/aws4_request b86c5fb2ebeff3ad8b3099231cf7b9619898941e67243b97eafb983c89a12349</StringToSign> <SignatureProvided>c7c649388d0dc4a9959e84e47d15eb9ba6c547728a97d710cf5e39b86e84f412</SignatureProvided> <StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 32 33 30 31 32 37 54 31 30 33 35 31 36 5a 0a 32 30 32 33 30 31 32 37 2f 65 75 2d 63 65 6e 74 72 61 6c 2d 31 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 62 38 36 63 35 66 62 32 65 62 65 66 66 33 61 64 38 62 33 30 39 39 32 33 31 63 66 37 62 39 36 31 39 38 39 38 39 34 31 65 36 37 32 34 33 62 39 37 65 61 66 62 39 38 33 63 38 39 61 31 32 33 34 39</StringToSignBytes> <CanonicalRequest>GET /FILE_ESERCIZI/1/Air_bike_13_MP4_1000_18MG_1000p.m3u8 host:d3ivmkao0hsjcl.cloudfront.net x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 x-amz-date:20230127T103516Z x-amz-security-token:IQoJb3JpZ2luX2VjEMv//////////wEaCXVzLWVhc3QtMSJIMEYCIQCys+hSN+dHpTt70PlOmbDN49btdyspVqfRxXKlXjVroAIhANz2DeVBwy4bbTCHocJn6sUCiPTU+fkNtkPdogF3CrkhKt8CCEMQABoMOTAyNTYxMTQ4NzgzIgz0l+2qmyNCySNEYC8qvAJz5zAg8pASCaElSFn4oTQjV4ceO5ueUObcbcpW7o3WTV7Ka904W7Woemw0kW3qfQ9FCuT5fG5AZrHMLNipyWKsJx7rXkv3YeoVj0LFKS5McZFrliG6TpC9p6YPfz3LteM2biURYvha6Qvq1tMThZG/Sz4qBcT7Q4LzYRuEAqY4rMAvBv0WKwZgxgZjevKlqjd9fndfs5vS7KMGZhXLwujT2XwNKt3PNMb64F5v/RGBXp6SgOngFlERdXjoXkdSqXCJWUUF7dBXHiNvWSyrFNZo5vDmfJPAy320BNfBma4IOLQZXpdKOQ51zjTVb01C6mFQHKdomWpkku981KknubBBZE5wOvn9f4SnDr+P2x/azo2Pl95YabGUqe06VL2nXvbfiHukIARyEwT+/Bco/L+spkkzQwyospGx8ANRMIvHzp4GOr4BmI4MD2vNWZnBrjUx0AQXW9ggbT7yk/59mUP3yIKXwmXcOeKR0eYSf6K1fgvyiZYKvxqVvIWKwoog5guVoQaMCBNEVJm8X3TaZcDWMfgm64s0nPrJsv1+KOBMmjg14w6o1F3gynEMCImsTNZZ84dK8BNKKw38B/8RweLHMj8r4pWfWhyUXGiDgoADIt3ma4E7vlQVNj0FmvbmIpyYgeueE+lzB2T74IzREhWUbzWuMf9EbR8JG4sw9NmbphkrQw== x-amz-source-account:374453910143 x-amz-source-arn:arn:aws:cloudfront::374453910143:distribution/E35XBYXZDKV4SS host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-source-account;x-amz-source-arn e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855</CanonicalRequest> <CanonicalRequestBytes>47 45 54 0a 2f 46 49 4c 45 5f 45 53 45 52 43 49 5a 49 2f 31 2f 41 69 72 5f 62 69 6b 65 5f 31 33 5f 4d 50 34 5f 31 30 30 30 5f 31 38 4d 47 5f 31 30 30 30 70 2e 6d 33 75 38 0a 0a 68 6f 73 74 3a 64 33 69 76 6d 6b 61 6f 30 68 73 6a 63 6c 2e 63 6c 6f 75 64 66 72 6f 6e 74 2e 6e 65 74 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 32 33 30 31 32 37 54 31 30 33 35 31 36 5a 0a 78 2d 61 6d 7a 2d 73 65 63 75 72 69 74 79 2d 74 6f 6b 65 6e 3a 49 51 6f 4a 62 33 4a 70 5a 32 6c 75 58 32 56 6a 45 4d 76 2f 2f 2f 2f 2f 2f 2f 2f 2f 2f 77 45 61 43 58 56 7a 4c 57 56 68 63 33 51 74 4d 53 4a 49 4d 45 59 43 49 51 43 79 73 2b 68 53 4e 2b 64 48 70 54 74 37 30 50 6c 4f 6d 62 44 4e 34 39 62 74 64 79 73 70 56 71 66 52 78 58 4b 6c 58 6a 56 72 6f 41 49 68 41 4e 7a 32 44 65 56 42 77 79 34 62 62 54 43 48 6f 63 4a 6e 36 73 55 43 69 50 54 55 2b 66 6b 4e 74 6b 50 64 6f 67 46 33 43 72 6b 68 4b 74 38 43 43 45 4d 51 41 42 6f 4d 4f 54 41 79 4e 54 59 78 4d 54 51 34 4e 7a 67 7a 49 67 7a 30 6c 2b 32 71 6d 79 4e 43 79 53 4e 45 59 43 38 71 76 41 4a 7a 35 7a 41 67 38 70 41 53 43 61 45 6c 53 46 6e 34 6f 54 51 6a 56 34 63 65 4f 35 75 65 55 4f 62 63 62 63 70 57 37 6f 33 57 54 56 37 4b 61 39 30 34 57 37 57 6f 65 6d 77 30 6b 57 33 71 66 51 39 46 43 75 54 35 66 47 35 41 5a 72 48 4d 4c 4e 69 70 79 57 4b 73 4a 78 37 72 58 6b 76 33 59 65 6f 56 6a 30 4c 46 4b 53 35 4d 63 5a 46 72 6c 69 47 36 54 70 43 39 70 36 59 50 66 7a 33 4c 74 65 4d 32 62 69 55 52 59 76 68 61 36 51 76 71 31 74 4d 54 68 5a 47 2f 53 7a 34 71 42 63 54 37 51 34 4c 7a 59 52 75 45 41 71 59 34 72 4d 41 76 42 76 30 57 4b 77 5a 67 78 67 5a 6a 65 76 4b 6c 71 6a 64 39 66 6e 64 66 73 35 76 53 37 4b 4d 47 5a 68 58 4c 77 75 6a 54 32 58 77 4e 4b 74 33 50 4e 4d 62 36 34 46 35 76 2f 52 47 42 58 70 36 53 67 4f 6e 67 46 6c 45 52 64 58 6a 6f 58 6b 64 53 71 58 43 4a 57 55 55 46 37 64 42 58 48 69 4e 76 57 53 79 72 46 4e 5a 6f 35 76 44 6d 66 4a 50 41 79 33 32 30 42 4e 66 42 6d 61 34 49 4f 4c 51 5a 58 70 64 4b 4f 51 35 31 7a 6a 54 56 62 30 31 43 36 6d 46 51 48 4b 64 6f 6d 57 70 6b 6b 75 39 38 31 4b 6b 6e 75 62 42 42 5a 45 35 77 4f 76 6e 39 66 34 53 6e 44 72 2b 50 32 78 2f 61 7a 6f 32 50 6c 39 35 59 61 62 47 55 71 65 30 36 56 4c 32 6e 58 76 62 66 69 48 75 6b 49 41 52 79 45 77 54 2b 2f 42 63 6f 2f 4c 2b 73 70 6b 6b 7a 51 77 79 6f 73 70 47 78 38 41 4e 52 4d 49 76 48 7a 70 34 47 4f 72 34 42 6d 49 34 4d 44 32 76 4e 57 5a 6e 42 72 6a 55 78 30 41 51 58 57 39 67 67 62 54 37 79 6b 2f 35 39 6d 55 50 33 79 49 4b 58 77 6d 58 63 4f 65 4b 52 30 65 59 53 66 36 4b 31 66 67 76 79 69 5a 59 4b 76 78 71 56 76 49 57 4b 77 6f 6f 67 35 67 75 56 6f 51 61 4d 43 42 4e 45 56 4a 6d 38 58 33 54 61 5a 63 44 57 4d 66 67 6d 36 34 73 30 6e 50 72 4a 73 76 31 2b 4b 4f 42 4d 6d 6a 67 31 34 77 36 6f 31 46 33 67 79 6e 45 4d 43 49 6d 73 54 4e 5a 5a 38 34 64 4b 38 42 4e 4b 4b 77 33 38 42 2f 38 52 77 65 4c 48 4d 6a 38 72 34 70 57 66 57 68 79 55 58 47 69 44 67 6f 41 44 49 74 33 6d 61 34 45 37 76 6c 51 56 4e 6a 30 46 6d 76 62 6d 49 70 79 59 67 65 75 65 45 2b 6c 7a 42 32 54 37 34 49 7a 52 45 68 57 55 62 7a 57 75 4d 66 39 45 62 52 38 4a 47 34 73 77 39 4e 6d 62 70 68 6b 72 51 77 3d 3d 0a 78 2d 61 6d 7a 2d 73 6f 75 72 63 65 2d 61 63 63 6f 75 6e 74 3a 33 37 34 34 35 33 39 31 30 31 34 33 0a 78 2d 61 6d 7a 2d 73 6f 75 72 63 65 2d 61 72 6e 3a 61 72 6e 3a 61 77 73 3a 63 6c 6f 75 64 66 72 6f 6e 74 3a 3a 33 37 34 34 35 33 39 31 30 31 34 33 3a 64 69 73 74 72 69 62 75 74 69 6f 6e 2f 45 33 35 58 42 59 58 5a 44 4b 56 34 53 53 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 3b 78 2d 61 6d 7a 2d 73 65 63 75 72 69 74 79 2d 74 6f 6b 65 6e 3b 78 2d 61 6d 7a 2d 73 6f 75 72 63 65 2d 61 63 63 6f 75 6e 74 3b 78 2d 61 6d 7a 2d 73 6f 75 72 63 65 2d 61 72 6e 0a 65 33 62 30 63 34 34 32 39 38 66 63 31 63 31 34 39 61 66 62 66 34 63 38 39 39 36 66 62 39 32 34 32 37 61 65 34 31 65 34 36 34 39 62 39 33 34 63 61 34 39 35 39 39 31 62 37 38 35 32 62 38 35 35</CanonicalRequestBytes> <RequestId>PRM1GCD8SDC238HH</RequestId> <HostId>juMFHQDRE2n/XXxH7L8GrVb68EYF1+EMM7tVvCo9AcwmYgpSWtNAVj1QKgDW0A084ttTbKrCU2k=</HostId> </Error> ``` any idea? thanks, Roberto
2
answers
0
votes
14
views
Roberto
asked 19 hours ago
Hi, I have been banging my head trying to get this working and cannot figure it out. I have an ECS fargate cluster in 2 private subnets. There are 2 public subnets with NatGWs (needed for the tasks running in Fargate). Currently I have S3 traffic going through the NatGWs and I would like to implement an S3 endpoint as "best practice". I have created CFN scripts to create the endpoint and associated security group. All resources are created and appear to be working. However I can see from the logs that traffic for s3 is still going through the NatGWs. Is there something basic that I have missed? Is there a way to force the traffic from the tasks to the S3 endpoints? The fargate task security group has the following egress: ``` SecurityGroupEgress: - IpProtocol: "-1" CidrIp: 0.0.0.0/0 ``` Here is the script that creates the enpoint and SG: ``` endpointS3SecurityGroup: Type: AWS::EC2::SecurityGroup Properties: GroupDescription: "Security group for S3 endpoint" GroupName: "S3-endpoint-sg" Tags: - Key: "Name" Value: "S3-endpoint-sg" VpcId: !Ref vpc SecurityGroupIngress: - IpProtocol: "tcp" FromPort: 443 ToPort: 443 SourceSecurityGroupId: !Ref fargateContainerSecurityGroup # S3 endpoint endpointS3: Type: AWS::EC2::VPCEndpoint Properties: PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: '*' Action: 's3:*' Resource: '*' SubnetIds: - !Ref privateSubnet1 - !Ref privateSubnet2 VpcEndpointType: Interface SecurityGroupIds: - !Ref endpointS3SecurityGroup ServiceName: Fn::Sub: "com.amazonaws.${AWS::Region}.s3" VpcId: !Ref vpc ``` Thanks in advance. Regards, Don.
2
answers
0
votes
9
views
Don
asked a day ago
Hello, I have a situation where I created a bucket in my AWS account that is logging GuardDuty logs to the bucket. I have a case where I need to update this in an CDK stack for IaaC requirement. I will need to add event notificaiton in the future via this IaaC CDK. But at the moment, I do not need to change anything in the S3 bucket itself but I do need to have it as IaaC instead of manually. Is there a way to create a CDK stack to deploy to an AWS account that has an existing S3 bucket with the same name, without REWRITING or DELETING AND RE-CREATING the bucket? SO that way I do not lose logs or anything else? What would be the best steps in this situation?
1
answers
0
votes
19
views
asked 2 days ago
The error message I'm getting: Error message not found: ATHENA_CLIENT_ERROR. Can't find bundle for base name com.simba.athena.athena.jdbc42.messages, locale en_US We have a datalake architecture which we stood up on AWS s3. When I'm trying to run queries against the tables in the Curated db, in Athena, I'm getting results. When I copy the same query and paste it in the custom SQL funtion in Tableau it gives me an error. This issue is affecting our business and needs to resolve as soon as possible. Please send me an answer if you have previously dealt with this kind of issue. Important stuff: I have the JDBCSIMBA4.2 driver. I have an athena properties file directing to our S3 location. I have JAVA8.0 Installed with JAVA HOME. I have * access meaning I have all access in AWS. I am able to connect to tables in the database. I am able to view all the tables in the database. I also made couple dashboards using this database.
0
answers
0
votes
8
views
asked 2 days ago
I'm trying to copy from S3 a bucket with more than 200 milions of arquives. I've tryed use rclone to do that. But evertime after some 20 hours rclone stop for a memory erros. (my baremetal have 96GB of ram). I've tryed too AWS CLI copy but after one day running nothing happens. Somebody have a solution? Regards
1
answers
0
votes
17
views
profile picture
Mr Ost
asked 3 days ago
Hi, I'm trying to give a try with AWS transcribe. For this I'm using the web form where I can select an audio file. Unfortunately it seems all the buckets I choose are empty (even if they are not, of course), therefore I can't select any audio file. Is required a specific permission on the S3 bucket to permit AWS Transcribe to access the source media? ![Enter image description here](/media/postImages/original/IMbRDFODMtSLO7KlCh1JblOw) Thanks
1
answers
0
votes
6
views
asked 3 days ago
We are using windows server. On that windows server we have SQL server installed. We are planning to upgrade that to SQL 2022. Now I want to know the feasibility to move databases to S3 bucket. Is it feasible to have mdf and ldf files of the SQL databases on S3 bucket directly and SQL server installed on windows server which is hosted on AWS.
2
answers
0
votes
9
views
nbuddhe
asked 3 days ago
There are several ways to delete single object in s3 bucket using boto3 in Python. S3.Client.delete_object(), S3.Bucket.delete_objects(), S3.Object.delete(), ... I don't know how to choose the best way for our code. Would you please give me information about what features each class has, what is the point in choosing an appropriate method? Thank you.
1
answers
0
votes
29
views
asked 5 days ago
I am trying to create an AWS Cloud watch event which will trigger an email whenever a S3 bucket is created or modified to allow public access. I have created the cloud trail, log stream and am tracking all the S3 events logs. When i am trying to create a custom event by giving the pattern to detect S3 buckets with public access i am not able to fetch any response or the event doesn't get triggered even if i create bucket with public access. Can you help me out with the custom pattern for the same ? I have tried giving GetPublicAccessBlock, PutPublicAccessBlock etc., in event type but no luck. Please suggest accordingly.
1
answers
0
votes
14
views
asked 5 days ago
Below is the cloud formation template that I am using to create an EC2, IAM Roles to access S3 bucket. ``` AWSTemplateFormatVersion: '2010-09-09' Description: Attach IAM Role to an EC2 Parameters: S3KeyId: Description: S3 KMS custom key ID Type : 'AWS::SSM::Parameter::Value<String>' Default: /CNS/resources/s3_key_id SecretsmanagerKeyId: Description: ID of Secretsmanager KMS custom key Type : 'AWS::SSM::Parameter::Value<String>' Default: /CNS/resources/secretsmanager_key_id # BUCKET_NAME: # Type: String # Description: Name of the S3 Bucket Name # Default: "sc-xxxxxxxxxxxxxxx-pp-o7dyvm3xd-configurestorebucket-4vtqanfcbcl0" Resources: Test: Type: AWS::EC2::Instance Properties: InstanceType: t2.micro ImageId: ami-0661da39e6a5cdXXX SubnetId: subnet-0061b7c02f9a07XXX IamInstanceProfile: Ref: ListS3BucketsInstanceProfile ListS3BucketsInstanceProfile: Type: AWS::IAM::InstanceProfile Properties: Path: "/" Roles: - Ref: ListS3BucketsRole ListS3BucketsPolicy: Type: AWS::IAM::Policy Properties: PolicyName: ListS3BucketsPolicy PolicyDocument: Statement: - Effect: Allow Action: - s3:List - s3:GetObject - s3:GetObjectAcl - s3:ListObjectsV2 - s3:PutObjectAcl - s3:PutObject - s3:ListObjects Resource: "arn:aws:s3:::sc-xxxxxxxxxxxxxxx-pp-o7dyvm3xd-configurestorebucket-4vtqanfcbcl0" Roles: - Ref: ListS3BucketsRole ListS3BucketsRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Principal: Service: - ec2.amazonaws.com Action: - sts:AssumeRole Path: "/" ``` When I ssh to the VM, I get error as like below: *Copy* Contents from S3 to EC2, Access Denied ``` aws s3 cp s3://sc-xxxxxxxxxxxxxxx-pp-o7dyvm3xd-configurestorebucket-4vtqanfcbcl0/* . --request-payer requester --recursive fatal error: An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied aws s3 ls s3://sc-xxxxxxxxxxxxxxx-pp-o7dyvm3xd-configurestorebucket-4vtqanfcbcl0/* An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied ``` Listing files in that S3 bucket... Access Denied ``` aws s3 ls s3://sc-xxxxxxxxxxxxxxx-pp-o7dyvm3xd-configurestorebucket-4vtqanfcbcl0/ An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied ``` Any lead shall be greatly appreciated! Thank you.
2
answers
0
votes
23
views
asked 5 days ago