I am getting an "access denied" (403) error when trying to upload a file to AWS S3 through a Lambda function (which already has the required permissions / policy to read and write into the bucket).

Have mirrored the application to a whole different environment and the process works just fine there.

  • Lambda permission policies:
{
    "Version": "2012-10-17",
    // ...
        {
            "Action": [
                "s3:Abort*",
                "s3:DeleteObject*",
                "s3:GetBucket*",
                "s3:GetObject*",
                "s3:List*",
                "s3:PutObject",
                "s3:PutObjectLegalHold",
                "s3:PutObjectRetention",
                "s3:PutObjectTagging",
                "s3:PutObjectVersionTagging"
            ],
            "Resource": [
                "arn:aws:s3:::celta-ui-data",
                "arn:aws:s3:::celta-ui-data/*"
            ],
            "Effect": "Allow"
        }
    ]
}
  • Logged error body:
{
    "errorType": "AccessDenied",
    "errorMessage": "Access Denied",
    "name": "AccessDenied",
    "$fault": "client",
    "$metadata": {
        "httpStatusCode": 403,
        "requestId": "S0D2PKHKJFKPQWPS",
        "extendedRequestId": "+CdFU95c5bkdfh0U99ujUNpewoZ1CA/xPtsctvDagwFQGEw0QLrq9wlbSwqy4e6fLw7K1OCvKG4=",
        "attempts": 1,
        "totalRetryDelay": 0
    },
    "Code": "AccessDenied",
    "RequestId": "S0D2PKHKJFKPQWPS",
    "HostId": "+CdFU95c5bkdfh0U99ujUNpewoZ1CA/xPtsctvDagwFQGEw0QLrq9wlbSwqy4e6fLw7K1OCvKG4=",
    "message": "Access Denied",
    "stack": [
        "AccessDenied: Access Denied",
        "    at throwDefaultError (/var/runtime/node_modules/@aws-sdk/node_modules/@smithy/smithy-client/dist-cjs/index.js:840:20)",
        "    at /var/runtime/node_modules/@aws-sdk/node_modules/@smithy/smithy-client/dist-cjs/index.js:849:5",
        "    at de_CommandError (/var/runtime/node_modules/@aws-sdk/client-s3/dist-cjs/index.js:4749:14)",
        "    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)",
        "    at async /var/runtime/node_modules/@aws-sdk/node_modules/@smithy/middleware-serde/dist-cjs/index.js:35:20",
        "    at async /var/runtime/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:482:18",
        "    at async /var/runtime/node_modules/@aws-sdk/node_modules/@smithy/middleware-retry/dist-cjs/index.js:320:38",
        "    at async /var/runtime/node_modules/@aws-sdk/middleware-flexible-checksums/dist-cjs/index.js:174:18",
        "    at async /var/runtime/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:110:22",
        "    at async /var/runtime/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:138:14"
    ]
}

I have already tried adding policies on the S3 bucket side to allow execution of S3 commands in the Lambda function - no effect.

Have gone through pretty much every YouTube video and GitHub and Stack Overflow post to date.

Putting "s3:PutObjectAcl" DID NOT WORK. I am also not allowed to make the bucket publicly accessible.
