Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: XXXXXXXX)

Tags:

java

amazon-web-services

amazon-s3

aws-sdk

grails-2.0

From few days back i am receiving this exception when i try to push files to my S3Bucket. Ealier everything seems to work and i am sure there is no code changes from my side.

com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden
(Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden;
Request ID: XXXXXXXXXXXX),
S3 Extended Request ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:1077)
at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:725)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:460)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:295)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3699)
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:999)
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:977)

.... ....

I came across many such Q related to com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden following those

  1. I have installed NTP on my server to solve any time related issue.
  2. I have also added endPointUrl for "AmazonS3Client" object to the code which i feel may solve my problem.

Anything else i can try to solve this issue

i am using aws-java-sdk:1.9.10 for pushing files to S3 Bucket.

like image 724
Shashank.gupta40 Avatar asked Oct 19 '15 15:10

Shashank.gupta40

1 Answers

Most likely your instance has not been launched with an IAM instance profile role that has access to S3.

All access to AWS services must be signed with access key and secret. When you do this from your local machine the DefaultCredentialsProviderChain uses the access key and secret defined in your .aws/credentials file.

When you launch an EC2 instance in AWS it also needs to sign the requests to services, like s3. However, it does this by retrieving it's credentials from an internal metadata service.

So what you do is create an IAM instance profile that your instance will assume when it starts up. This IAM instance profile, like other IAM profiles for user's for example, defines what the instance has access to.

http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html

like image 137
gregwhitaker Avatar answered Sep 22 '22 10:09

gregwhitaker
Sign in to Comment

Related questions

Configure checkstyle do while statement style
how to declare a Java 8 method reference in a Spring XML file?
How to deploy a spring boot MVC application in traditional tomcat webapps folder?
Two methods with same erasure aren't necessary override-equivalent (or they signatures aren't subsignatures between them)?
Conflict with android package - Amazon SNS
Can I customize Jackson error messages?
Java: @NonNull for int?
Parse ISO date by Period in Java 8
How are class attributes/fields stored
Hibernate @Filter collection of enums
Analog of BeanPropertySqlParameterSource that can handle public fields
Spring cannot propagate transaction to ForkJoin's RecursiveAction
WebRTC connection fails on Cellular Data
Gmail POP3 not getting all messages in Java application
How to avoid banned dependency error in maven?
Jersey InputStream is modified in filter. Unable to figure out how to access modified inputStream in Jersey Resource
Convert Branch and Bound loop to use Java Stream API
Using Gradle to build Python application
Understanding lsof output
Android Espresso UI test - Test running failed: Instrumentation run failed due to 'java.lang.IllegalAccessError'

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!