Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS S3 Access Denied when open object URL in browser

Tags:

amazon-web-services

amazon-s3

I am new to aws.. I uploaded a image in the bucket

if i try to open the object url in browser im getting the following error.

enter image description here

below are the bucket policies i have configured my bucket with

{
    "Version": "2012-10-17",
    "Id": "Policy1566555268319",
    "Statement": [
        {
            "Sid": "Stmt1566555264845",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::497899159094:user/DevUser"
            },
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::akirainfocombucket/*",
            "Condition": {
                "StringEquals": {
                    "s3:x-amz-acl": "public-read"
                }
            }
        }
    ]
}

and Below are the CORS Configurations

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
    <AllowedOrigin>*</AllowedOrigin>
    <AllowedMethod>GET</AllowedMethod>
    <AllowedMethod>POST</AllowedMethod>
    <AllowedMethod>PUT</AllowedMethod>
    <MaxAgeSeconds>3000</MaxAgeSeconds>
    <AllowedHeader>Authorization</AllowedHeader>
</CORSRule>
</CORSConfiguration>

The Block all public access is set to Off as suggested by the support team.

I want the object link to be accessible in the browser..(Read only)

need help to configure the Bucket ?

like image 919
Pramit Sawant Avatar asked Aug 23 '19 13:08

Pramit Sawant

People also ask

Why is my S3 URL Access Denied?

If you're trying to host a static website using Amazon S3, but you're getting an Access Denied error, check the following requirements: Objects in the bucket must be publicly accessible. S3 bucket policy must allow access to the s3:GetObject action. The AWS account that owns the bucket must also own the object.

How do I access my S3 bucket from browser?

Sign in to Amazon Web Services and go to your S3 Management Console. 2. Click on the name of the S3 bucket from the list. If it's still in its default access state, it should say “Buckets and objects not public” next to it.

1 Answers

I doubted this might need permission to get the object so that you can view the image from the URL in S3.

I configured the bucket policy like given below.

{
"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "AddPerm",
        "Effect": "Allow",
        "Principal": "*",
        "Action": [
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:GetObject"
        ],
        "Resource": "arn:aws:s3:::delxpro.com/*"
    }
]
}

In the above code, look for this piece of line "s3:GetObject". Add this line in your action attribute and check will it work or not.

It will retrieves object from S3, so that you can view your image from the URL.

like image 108
Vijay Rajendiran Avatar answered Sep 27 '22 21:09

Vijay Rajendiran
Sign in to Comment

Related questions

Connect to S3 accelerate endpoint with boto3
Event Sourcing with Kinesis - Replaying and Persistence
Is it possible to provide my AWS credentials in the docker.withRegistry call in jenkins pipeline?
Build with docker and --privileged
Can I setup an ssl certificate for AWS lightsail without the Load Balancer?
AWS serverless-image-handler v3.x broken by changes to AWS Lambda execution environment
Terraform AWS Kubernetes EKS resources with ALB Ingress Controller won't create load balancer
Keeping a secret key secret with Amazon Web Services
AWS-EC2, how to set multiple public sites with just one instance?
Explain Kinesis Shard Iterator - AWS Java SDK
Zookeeper unable to listen on port 3888
Return JSON with Lambda through API Gateway with mapping
How do I capture the console output for a container launched on ECS?
AWS Cognito: How should I handle PasswordResetRequiredException
Using Ref as the first argument in Fn::Sub intrinsic function
Force WWW behind an AWS EC2 Load Balancer
AWS Glue ETL job from AWS Redshift to S3 fails
Issues generating CloudFront signed URLs; always Access Denied
Attach bucket policy to bucket generated by serverless
Boto3 athena query without saving data to s3

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!