Start a new topic
Answered

For anyone attempting to browse S3 buckets

I've been fighting with an issue where attempts to browse S3 buckets from within the Job editor fails showing a blank file/folder listing.  My IAM user permissions seemed valid and correct for what was needed and the Find and Copy tasks functioned properly, the browse simply did not work.  After trying several policy variations I thought I'd post the result I found in case it helps anyone.


I tried policy variations allowing ALL S3 actions to the bucket in question as well as bucket/*, which has been a distinction I've known to matter in the past.  None of that worked.  After some experimenting the only policy variation I've been able to get working for browsing is using the AWS policy template for S3 Read Only access to all buckets.  I tried a variation of the same policy with a specific ARN identified, but that also failed to work for me.  In my case that isn't desirable as I'd like to limit this user to the contents of a single specific bucket, so I decided to just accept the fact browsing won't work as long as the Task can find and copy files.  The Read Only policy that works looks like this:


{

  "Version": "2012-10-17",

  "Statement": [

    {

      "Effect": "Allow",

      "Action": [

        "s3:Get*",

        "s3:List*"

      ],

      "Resource": "*"

    }

  ]

}


Best Answer

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow",

"Action": [

"s3:Get*",

"s3:List*"

],

"Resource": "*"

}

]

}

1 Comment

Answer

{

"Version": "2012-10-17",

"Statement": [

{

"Effect": "Allow",

"Action": [

"s3:Get*",

"s3:List*"

],

"Resource": "*"

}

]

}

Login to post a comment