Thursday, August 7, 2014

Failed Access Denied: S3 properties on us-east-1 region

When I created s3 buckets at each regions including us-east-1, us-west1, us-west-2, and ap-northeast-1 and applied the IAM policies below to a IAM group. I got some of the properties of other than us-east-1 region somehow.
I created an IAM group and attached two IAM policies with the group.
  • IAM policy to define the buckets to operate and access source IP address.
{ "Statement": [ { "Condition": { "IpAddress": { "aws:SourceIp": [ "xxx.xxx.xxx.xxx/32", "xxx.xxx.xxx.xxx/32" ] } }, "Resource": [ "arn:aws:s3:::bucket_name.ap-northeast-1", "arn:aws:s3:::bucket_name.ap-northeast-1/*", "arn:aws:s3:::bucket_name.us-west-1", "arn:aws:s3:::bucket_name.us-west-1/*", "arn:aws:s3:::bucket_name.us-west-1", "arn:aws:s3:::bucket_name.us-west-1/*", "arn:aws:s3:::bucket_name.us-west-2", "arn:aws:s3:::bucket_name.us-west-2/*" ], "Action": "s3:*", "Effect": "Allow" } ], "Version": "2012-10-17" }
  • IAM policy to list all the buckets for a s3 tool like S3 Browser
{
  "Statement": [
    {
      "Resource": "*",
      "Action": "s3:List*",
      "Effect": "Allow"
    }
  ],
  "Version": "2012-10-17"
}
I got the properties of us-west-1, us-west-2, ap-northeast-1, but couldn't get those of us-east-1, though the same IAM policies are applied.


I successfully got the properties of us-east-1 after adding the action as follows.



{
  "Statement": [
    {
      "Resource": "*",
      "Action": [
        "s3:List*",
        "s3:Get*"
      ],
      "Effect": "Allow"
    }
  ],
  "Version": "2012-10-17"
}

I am wondering if us-east-1 (US standard) region is different from other regions in how to apply IAM policy because it is the 1st region of AWS???

2 comments:

  1. s3 browser An extension to browse S3 files on

    ReplyDelete
  2. Its coastlines are caressed by the waves of Aegean Sea and its vast beaches are kissed by the rays of the Sun. Endless sandy beaches, fascinating life-style of common people, 15,000km of coastline and tranquil ambience have made this country as the ultimate destination place for every tourist. Commercial property management

    ReplyDelete

iJAWS@Doorkeeper