Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS permissions required for sync

Tags:

amazon-s3

amazon-ec2

I have a windows machine that need to sync a folder with S3.

I try 

"C:\Program Files\amazon\AWSCLI\aws.exe" s3 sync components  s3://test/MyTest/ --acl public-read -- cache-control "public, must-revalidate, proxy-revalidate, max-age=1800"

got error "A client error (AccessDenied) occurred when calling the PutObject operation: Access Denied"

s3 rm and s3 cp for the same directory works fine.

I have the following permissions :

"Sid": "VisualEditor4",             "Effect": "Allow",             "Action": [                 "s3:PutObject",                 "s3:PutObjectAcl"             ],             "Resource":
like image 621
Mor Lajb Avatar asked Feb 20 '18 21:02

Mor Lajb

People also ask

What is the difference between Sync and CP AWS?

aws s3 cp will copy all files, even if they already exist in the destination area. It also will not delete files from your destination if they are deleted from the source. aws s3 sync looks at the destination before copying files over and only copies over files that are new and updated.

How does aws s3 sync work?

The s3 sync command synchronizes the contents of a bucket and a directory, or the contents of two buckets. Typically, s3 sync copies missing or outdated files or objects between the source and target.

What is AWS sync command?

AWS sync command recursively copies new and updated files from the source ( Directory or Bucket/Prefix ) to the destination ( Directory or Bucket/Prefix ). AWS sync command only creates folders within the destination if they contain one or more files.

Does aws s3 overwrite sync?

It only copies files that have been added or changed since the last sync. It is designed as a one-way sync, not a two-way sync. Your file is being overwritten because the file in the Source is not present in the Destination. This is correct behavior.

2 Answers

You need all this actions:

  • s3:DeleteObject
  • s3:GetBucketLocation
  • s3:GetObject
  • s3:ListBucket
  • s3:PutObject

Not only PutObject, for get work S3 Sync, use this policy:

{     "Version": "2012-10-17",     "Statement": [         {             "Resource": [                 "arn:aws:s3:::YOUR_BUCKET_NAME",                 "arn:aws:s3:::YOUR_BUCKET_NAME/*"             ],             "Sid": "Stmt1464826210000",             "Effect": "Allow",             "Action": [                 "s3:DeleteObject",                 "s3:GetBucketLocation",                 "s3:GetObject",                 "s3:ListBucket",                 "s3:PutObject"             ]         }     ] }
like image 58
JorgeM Avatar answered Oct 03 '22 21:10

JorgeM

Synchronizing files also requires READ permissions because the AWS Command-Line Interface (CLI) needs to view the existing files to determine whether they already exist or have been modified.

Thus, you will also need to grant ListBucket permission.

If you use aws s3 cp instead of aws s3 sync, then this is not required.

like image 26
John Rotenstein Avatar answered Oct 03 '22 22:10

John Rotenstein
Sign in to Comment

Related questions

Parse stream to object in Nodejs
Why does Ruby open-uri's open return a StringIO in my unit test, but a FileIO in my controller?
How to generate a temporary url to upload file to Amazon S3 with boto library?
How to close Boto S3 connection?
Amazon EC2 EBS backup: AMI vs Snapshot
What does IOPS (in Amazon EBS) mean in practice?
AWS S3 Disabling SSLv3 Support
Best strategy to deploy static site to s3 on github push? [closed]
How to get the URL of a file on AWS S3 using aws-sdk?
exif image rotation issue using carrierwave and rmagick to upload to s3
Amazon RDS MySQL instance performs very slow
s3 direct upload restricting file size and type
A client error (400) occurred when calling the HeadObject operation: Bad Request Completed 1 part(s) with ... file(s) remaining
Check if file exists in s3 using ls and wildcard
How to write parquet file from pandas dataframe in S3 in python
How to list _all_ objects in Amazon S3 bucket?
Vue.js Router: history mode and AWS S3 (RoutingRules)
How can I access s3 files in Python using urls?
Access files stored on Amazon S3 through web browser
How many records can be in S3 put() event lambda trigger?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!