Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS S3 Java SDK - Access Denied

Tags:

java

amazon-web-services

amazon-s3

I am trying to access a bucket and all its object using AWS SDK but while running the code i am getting an error as Exception in thread "main" com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: X), S3 Extended Request ID: Y=

Kindly suggest, where i am lacking and why access denied error is occurring although i have taken all following permission to the bucket:

s3:GetObject s3:GetObjectVersion s3:GetObjectAcl s3:GetBucketAcl s3:GetBucketCORS s3:GetBucketLocation s3:GetBucketLogging s3:ListBucket s3:ListBucketVersions s3:ListBucketMultipartUploads s3:GetObjectTorrent s3:GetObjectVersionAcl

Code is as follows:

AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey); ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setProtocol(Protocol.HTTP); AmazonS3 conn = new AmazonS3Client(credentials, clientConfig); conn.setEndpoint(bucketName); Bucket bucket = conn.createBucket(bucketName); ObjectListing objects = conn.listObjects(bucket.getName()); do {     for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) {             System.out.println(objectSummary.getKey() + "\t" +                     objectSummary.getSize() + "\t" +                     StringUtils.fromDate(objectSummary.getLastModified()));     }     objects = conn.listNextBatchOfObjects(objects); } while (objects.isTruncated());
like image 377
gkbstar Avatar asked Jun 10 '14 11:06

gkbstar

People also ask

Why is my S3 bucket Access Denied?

If you're getting Access Denied errors on public read requests that are allowed, check the bucket's Amazon S3 Block Public Access settings. Review the S3 Block Public Access settings at both the account and bucket level. These settings can override permissions that allow public read access.

Why am I getting an access denied error from the Amazon S3 console when I try to modify a bucket policy?

Short description. The "403 Access Denied" error can occur due to the following reasons: Your AWS Identity and Access Management (IAM) user or role doesn't have permissions for both s3:GetBucketPolicy and s3:PutBucketPolicy.

Why am I getting an HTTP 403 Forbidden error when I try to upload files using the Amazon S3 console?

The "403 Forbidden" error can occur due to the following reasons: Permissions are missing for s3:PutObject to add an object or s3:PutObjectAcl to modify the object's ACL. You don't have permission to use an AWS Key Management Service (AWS KMS) key. There is an explicit deny statement in the bucket policy.

Why is S3 object URL Access Denied?

If you're trying to host a static website using Amazon S3, but you're getting an Access Denied error, check the following requirements: Objects in the bucket must be publicly accessible. S3 bucket policy must allow access to the s3:GetObject action. The AWS account that owns the bucket must also own the object.

2 Answers

Go to IAM and check whether the user [ Access Key & Secret Key ] which is being used for the API has the previliges to use S3 Based API.

Attached S3 Policy to the specified User - try with S3 Full Access; you can fine-grain the access once this works. For More Information Check this Link [ Managing IAM Policies ]

like image 79
Naveen Vijay Avatar answered Oct 02 '22 12:10

Naveen Vijay

The problem is now solved. There were following issue to the code:

  1. The end point was not correct, There should be a correct end point.
  2. There was not enough permission given to the bucket. A list of complete permission should be taken before using the bucket in AWS SDK.

Below is the correct code

AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey); ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setProtocol(Protocol.HTTP); AmazonS3 conn = new AmazonS3Client(credentials, clientConfig); conn.setEndpoint("correct end point"); Bucket bucket = conn.createBucket(bucketName); ObjectListing objects = conn.listObjects(bucket.getName()); do {     for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) {             System.out.println(objectSummary.getKey() + "\t" +                     objectSummary.getSize() + "\t" +                     StringUtils.fromDate(objectSummary.getLastModified()));     }     objects = conn.listNextBatchOfObjects(objects); } while (objects.isTruncated());
like image 27
gkbstar Avatar answered Oct 02 '22 12:10

gkbstar
Sign in to Comment

Related questions

How specify the required Java version in a Gradle build
what is ivy? and how it is related to ant?
Logging response body (HTML) from HttpServletResponse using Spring MVC HandlerInterceptorAdapter
Can OSGi help reduce complexity?
How to store and load keys using java.security.KeyStore class
Can C# style object initialization be used in Java?
Can I override the Host header where using java's HttpUrlConnection class?
Requiring at least one element in java variable argument list
Keep inner interface method names in proguard
Mockito - thenReturn always returns null object
How to get URL from Firebase Storage getDownloadURL
Authorization Bearer token in HttpClient?
Is there a way to determine if a method has been overridden in a Java class
What is the difference between JDK_JAVA_OPTIONS and JAVA_TOOL_OPTIONS when using Java 11?
How can I prevent PermGen space errors in Netbeans?
Eclipse debugger - jump to or show only suspended thread
Get detail messages of chained exceptions Java
Why does String.indexOf() not use KMP?
Why does Java compiler allow static variable access through null object? [duplicate]
Ant: Class not found: javac1.8

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!