S3 Storage User group List Bucket Permission Bug
The permission is not enough to list bucket. https://stackoverflow.com/questions/38774798/accessdenied-for-listobjects-for-s3-bucket-when-permissions-are-s3 An additional permission block has to be added for list Object.
{
    "Effect": "Allow",
    "Action": [
        "s3:ListBucket"
    ],
    "Resource": [
        "arn:aws:s3:::bucketname"
    ]
}
<% if (props.groupList) { %>
<% for(var i=0; i < props.groupList.length; i++) { %>
"<%= props.groupList[i] %>GroupPolicy": {
    "Type": "AWS::IAM::Policy",
    "Properties": {
        "PolicyName": "<%= props.groupList[i] %>-group-s3-policy",
        "Roles": [
            {
                "Fn::Join": [
                    "",
                    [
                        {
                            "Ref": "auth<%= props.authResourceName%>UserPoolId"
                        },
                        "-<%= props.groupList[i] %>GroupRole"
                    ]
                ]
            }
        ],
        "PolicyDocument": {
            "Version": "2012-10-17",
            "Statement": [
                {
                    "Effect": "Allow",
                    "Action": <%- JSON.stringify(props.groupPolicyMap[props.groupList[i]]) %>,
                    "Resource": [
                        {
                            "Fn::Join": [
                                "",
                                [
                                    "arn:aws:s3:::",
                                    {
                                        "Ref": "S3Bucket"
                                    },
                                    "/*"
                                ]
                            ]
                        }
                    ]
                }
            ]
        }
    }
},
<% } %>
<% } %>
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:11 (6 by maintainers)
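An added example, not part of the original issue or the project's code: a Node.js check that reports bucket-level actions such as `s3:ListBucket` when a statement grants them only on object ARNs (`.../*`), which is the mismatch in the generated group policy above. The action list for the group, the `BUCKET_ACTIONS` set and the `<S3Bucket>` placeholder used for `Ref` are assumptions made for illustration.

```javascript
// Added example. BUCKET_ACTIONS is a partial, illustrative list of bucket-level actions;
// action wildcards such as "s3:*" are not expanded.
const BUCKET_ACTIONS = new Set(['s3:ListBucket', 's3:ListBucketVersions', 's3:GetBucketLocation']);
const S3_PREFIX = 'arn:aws:s3:::';
const asArray = (v) => (Array.isArray(v) ? v : [v]);
// Render a Resource entry to a string; {"Ref": "X"} becomes the placeholder "<X>".
function renderArn(resource) {
  if (typeof resource === 'string') return resource;
  if (resource && resource.Ref) return `<${resource.Ref}>`;
  if (resource && resource['Fn::Join']) {
    const [separator, parts] = resource['Fn::Join'];
    return parts.map(renderArn).join(separator);
  }
  throw new Error('unsupported Resource entry: ' + JSON.stringify(resource));
}

// A bucket ARN has nothing after the bucket name; an object ARN continues with "/key".
const coversBucket = (arn) =>
  arn === '*' || (arn.startsWith(S3_PREFIX) && !arn.slice(S3_PREFIX.length).includes('/'));
// Return every bucket-level action allowed only on object ARNs, where it can never match.
function findMisScopedActions(policyDocument) {
  const findings = [];
  asArray(policyDocument.Statement).forEach((stmt, index) => {
    if (stmt.Effect !== 'Allow') return;
    const arns = asArray(stmt.Resource).map(renderArn);
    if (arns.some(coversBucket)) return;
    for (const action of asArray(stmt.Action)) {
      if (BUCKET_ACTIONS.has(action)) findings.push({ statement: index, action, resources: arns });
    }
  });
  return findings;
}

// Constructed sample: the template's statement with an assumed action list for one group.
const objectArn = { 'Fn::Join': ['', [S3_PREFIX, { Ref: 'S3Bucket' }, '/*']] };
const bucketArn = { 'Fn::Join': ['', [S3_PREFIX, { Ref: 'S3Bucket' }]] };
const asGenerated = {
  Version: '2012-10-17',
  Statement: [{ Effect: 'Allow', Action: ['s3:GetObject', 's3:ListBucket'], Resource: [objectArn] }],
};
// Same policy with s3:ListBucket moved to its own statement on the bucket ARN.
const withListBucket = {
  Version: '2012-10-17',
  Statement: [
    { Effect: 'Allow', Action: ['s3:GetObject'], Resource: [objectArn] },
    { Effect: 'Allow', Action: ['s3:ListBucket'], Resource: [bucketArn] },
  ],
};
console.log(findMisScopedActions(asGenerated), findMisScopedActions(withListBucket));
```

The check works per statement, so a statement that lists both the bucket ARN and the object ARN passes.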
For anyone having the same issues - I had to update my storage instance using
amplify update storage
and allow access through the Individual Groups option. Thanks all for your hard work on this project.

Best regards,
Kyle

@wongcyrus @gaochenyue I have reproduced the bug. You can use the policy mentioned above by @gaochenyue to continue your development. In the meantime, I am working on the fix.