I am trying to list all the files in my S3 list. But constantly getting Access denied error. I think I have the necessary permissions for my IAM user:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "SID", "Effect": "Allow", "Action": [ "s3:AbortMultipartUpload", "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:GetBucketAcl", "s3:GetBucketCORS", "s3:GetBucketLocation", "s3:GetBucketLogging", "s3:GetBucketNotification", "s3:GetBucketPolicy", "s3:GetBucketRequestPayment", "s3:GetBucketTagging", "s3:GetBucketVersioning", "s3:GetBucketWebsite", "s3:GetLifecycleConfiguration", "s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectTorrent", "s3:GetObjectVersion", "s3:GetObjectVersionAcl", "s3:GetObjectVersionTorrent", "s3:ListAllMyBuckets", "s3:ListBucket", "s3:ListBucketMultipartUploads", "s3:ListBucketVersions", "s3:ListMultipartUploadParts", "s3:PutBucketAcl", "s3:PutBucketCORS", "s3:PutBucketLogging", "s3:PutBucketNotification", "s3:PutBucketPolicy", "s3:PutBucketRequestPayment", "s3:PutBucketTagging", "s3:PutBucketVersioning", "s3:PutBucketWebsite", "s3:PutLifecycleConfiguration", "s3:PutObject", "s3:PutObjectAcl", "s3:PutObjectVersionAcl", "s3:RestoreObject" ], "Resource": [ "arn:aws:s3:::bucket/*" ] } ] }
I provide full access to S3 (AmazonS3FullAccess policy), I can list objects. What could be the problem? I think that I only deleted permissions to delete and create baskets in user policy.
When I add full access to the same policy:
"Action": [ "s3:*" ],
I still cannot list the objects. But with current permissions, I can load and delete objects.