AWS CDK : Why S3 bucket policy occurs error
Question
I try to deploy S3 bucket by CDK in TypeScript. When the code is executed, an error occurs even if I have a privilige of administrator. Anyone knows the reason?
export class S3Stack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const s3Example = new s3.Bucket(this, 'bucket', {
versioned: false,
bucketName: 'bucket',
publicReadAccess: false,
blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
removalPolicy: cdk.RemovalPolicy.DESTROY
});
const s3ExamplePolicyDocument = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "FirstStatement",
"Effect": "Allow",
"Action": [
"s3:List*",
"s3:Get*"
],
"Resource": [
"arn:aws:s3:::bucket",
"arn:aws:s3:::bucket/*"
],
"Principal": "*",
}
]
};
const s3ExamplePolicy = iam.PolicyDocument.fromJson(s3ExamplePolicyDocument);
new s3.CfnBucketPolicy(this, 'bucketpolicy', {
bucket: s3Example.bucketName,
policyDocument: s3ExamplePolicy
});
}
}
Error message
API: s3:PutBucketPolicy Access Denied
1 answers
solution1
0 2021-03-02 01:22:56
I found the solution. This is caused because I try to apply public permission to non-public bucket. After I modified s3ExamplePolicyDocument, it works
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Whitelist IP Address in S3 Bucket Policy in AWS CDK
aws s3 bucket policy
AWS S3 bucket policy
How to add a lifecycle policy to an existing S3 bucket in AWS CDK Typescript
Not sure why this aws s3 bucket policy isn't working?
AWS S3 Bucket Policy throws Access Denied Error
AWS Cloudformation template - S3 bucket policy - MalformedPolicy error
AWS CDK Error: bucket policy already exists on bucket
AWS CDK S3 Bucket Creation Error - Bucket_Name already exisits
aws s3 Bucket policy not working as expected
Related Tags