Document minimum AMI user permissions/ACLs in order for accessing an AWS bucket
Took me a while to sort this out, and was surprised that I couldn’t find a record of it in the issue queue. Copy-pasting this into the JSON editor allowed it to finally work: https://docs.aws.amazon.com/AmazonS3/latest/dev/example-policies-s3.html#iam-policy-ex0
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets",
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Effect": "Allow",
      "Action": ["s3:ListBucket", "s3:GetBucketLocation"],
      "Resource": "arn:aws:s3:::awsexamplebucket1"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:GetObject",
        "s3:GetObjectAcl",
        "s3:DeleteObject"
      ],
      "Resource": "arn:aws:s3:::awsexamplebucket1/*"
    }
  ]
}
```
Giving full S3 permissions on the bucket also worked, but that felt like overkill, and it would be bad to incentivize users to do that.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:7
- Comments:6
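An added example, not code from the issue or from the plugin: it rebuilds the scoped policy quoted in the issue for a given bucket name and flags `Allow` statements that are wider than it, such as the full-S3 shortcut the issue mentions. The function names and the `FULL_ACCESS` sample are constructed for illustration.

```python
import json

# Actions taken from the policy quoted in the issue, grouped by resource type.
BUCKET_ACTIONS = ["s3:ListBucket", "s3:GetBucketLocation"]
OBJECT_ACTIONS = ["s3:PutObject", "s3:PutObjectAcl", "s3:GetObject",
                  "s3:GetObjectAcl", "s3:DeleteObject"]

def build_policy(bucket):
    """Return the scoped policy from the issue for one bucket name."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Effect": "Allow", "Action": "s3:ListAllMyBuckets",
             "Resource": "arn:aws:s3:::*"},
            {"Effect": "Allow", "Action": BUCKET_ACTIONS, "Resource": arn},
            {"Effect": "Allow", "Action": OBJECT_ACTIONS, "Resource": f"{arn}/*"},
        ],
    }

def as_list(value):
    """IAM allows a string or a list for Action/Resource; normalise to a list."""
    return value if isinstance(value, list) else [value]

def overbroad_statements(policy, bucket):
    """Return (statement index, reason) for Allow statements wider than the scoped policy."""
    arn = f"arn:aws:s3:::{bucket}"
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = as_list(stmt.get("Action", []))
        for action in actions:
            if "*" in action:
                findings.append((i, f"wildcard action {action}"))
        # Only ListAllMyBuckets needs a resource outside the one bucket.
        if actions != ["s3:ListAllMyBuckets"]:
            for res in as_list(stmt.get("Resource", [])):
                if res != arn and not res.startswith(arn + "/"):
                    findings.append((i, f"resource outside bucket: {res}"))
    return findings

# Constructed sample: full S3 permissions on the bucket.
FULL_ACCESS = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:*",
     "Resource": ["arn:aws:s3:::awsexamplebucket1", "arn:aws:s3:::awsexamplebucket1/*"]}]}

if __name__ == "__main__":
    print(json.dumps(build_policy("awsexamplebucket1"), indent=2))
    print(overbroad_statements(FULL_ACCESS, "awsexamplebucket1"))
```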

Ok, after some experimentation, found the minimal permissions for bucket and plugin setup is:
IAM > Users > YOURUSER > Permissions > Add inline policy (JSON):
S3 > YOURBUCKET > Permissions > Block public access: All “OFF”
S3 > YOURBUCKET > Permissions > Bucket Policy:

This is really helpful @SunSparc 😃 I’ll try to upstream a doc change when I’m next using this plugin