About permission in S3 file transfer

Question

I'm using S3TransferManager-Sample to do testing. I created the Cognito and setup the IAM and change the constants.swift file at last.I have no problem to upload but failed to download. The error message is:

download failed: [Error Domain=com.amazonaws.AWSS3ErrorDomain Code=1 "The operation couldn’t be completed. (com.amazonaws.AWSS3ErrorDomain error 1.)" UserInfo=0x7f8cd658a5a0 {HostId=d4yLouhlYmGn4s1Zp54+EOsZQEy2bVEGNs5XIa8pMxerJggANV/9Zb82c1QtF/5Hsn5KqYXGqdw=, Message=Access Denied, Code=AccessDenied, RequestId=A1966393EAC3F15F}]

Here is my setting for the role:

My setting in the S3 bucket:

Of course when I added "Everyone" to allow "List" permission, I can download. But what is the purpose for Cognito then? Thanks

Answer 1

A couple of things to note in your question:

1. You've set your unauth role to only allow only read-only access. The sample does not use authentication, so please make sure to update the unauth role to have full access.
2. The credentials provider caches credentials it fetches for up to one hour. You may want to either until the previous credentials expire or explicitly call the refresh method on the credentials provider to force the new policy to apply.