Boto3 uploading to s3 bucket
Question
I want to add an String, created by an lambda, to a existing textfile on my s3 bucket.
When I use:
s3.Object('My_bucket', 'textfile.txt').put(Body=missingtagginginfo)
missingtagginginfo = My created variable textfile.txt = textfile that exists on the s3 bucket
I get the following error:
"errorMessage": "An error occurred (AccessDenied) when calling the PutObject operation: Access Denied",
"errorType": "ClientError",
I alreday gave the lambda the s3fullAccess.
Does anybody know how I can fix this?
greets
3 answers
solution1
1 ACCPTED 2020-03-10 15:48:12
Your policy must contain s3:PutObject in order to upload objects.
{
"Effect": "Allow",
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::your-bucket/",
"arn:aws:s3:::your-bucket/*"
]
}
Please don't add wildcard permissions ( s3:* ) or wildcard resources ( "Resource": [ "*" ] ) as these give huge potential for bugs and vulnerabilities. The AWS Policy Generator can help you with this.
solution2
0 2020-03-10 13:42:36
The IAM Policy looks like this:
"Resource": "arn:aws:s3:::MYBUCKET/*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucketMultipartUploads",
"s3:AbortMultipartUpload",
"s3:ListMultipartUploadParts"
],
"Resource": [
"arn:aws:s3:::MYBUCKET/",
"arn:aws:s3:::MYBUCKET/*"
]
},
{
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "*"
}
solution3
0 2021-03-17 12:38:04
Write in Your Bucket's Policy
{
"Version": "2008-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [
{
"Sid": "Allow-OAI-Access-To-Bucket",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::Your-Bucket-Name/*"
}
]
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.