Aws-cli: ListObjects/ListBucket error message
command: aws s3 sync {my directory} s3://{my-bucket}/ --delete
version: aws-cli/1.11.43 Python/2.7.10 Darwin/16.3.0 botocore/1.5.6
I was trying to sync files to my s3 bucket which has static webhosting on it. However, I kept on getting the error message fatal error: An error occurred (AccessDenied) when calling the ListObjects operation: Access Denied. I spent a while creating a Policy that would allow the ListObjects action and figuring out why it wasn't working, but actually it was using the ListBucket action. Once I edited the Policy to allow ListBucket it all started working. Can the error message be corrected to actually display the action that failed?
Thanks
pacey
All 4 comments
Unfortunately that's the most detailed error message we have access to, it doesn't return exactly what permission is needed. I think it is safe to say that we should document the required permissions, however.
JordonPhillips
on 30 Jan 2017
+1 to documenting the required permissions. I ran into the same issue, except my policy includes ListBucket, so evidently I need something else, but I can't find documentation of what that might be.
jancona
on 25 Jul 2017
@pacey and @jancona - Our S3 documentation has been updated and defines a set of permissions that you can specify in a policy. These are keywords, each of which maps to specific Amazon S3 operations (see Operations on Buckets, and Operations on Objects in the Amazon Simple Storage Service API Reference)..
justnance
on 22 Apr 2019
Thanks! I think others will find this useful 馃憤
pacey
on 22 Apr 2019
Related issues
ikim23
路
3Comments
alexejk
路
3Comments
levequej
路
3Comments
kangman
路
3Comments
hapx101
路
3Comments
Most helpful comment
+1 to documenting the required permissions. I ran into the same issue, except my policy includes ListBucket, so evidently I need something else, but I can't find documentation of what that might be.