git clone S3 error: 403 Forbidden

Question

I want to be able to sync git repositories to AWS S3 for backups. Furthermore I want the public to be able to git clone my backups. My steps were:

s3cmd mb s3://lktesting
git update-server-info
s3cmd -P sync .git/ s3://lktesting
s3cmd ws-create s3://lktesting
s3cmd ws-info s3://lktesting

I thought this used to work, but now I get:

git clone http://lktesting.s3-website-ap-southeast-1.amazonaws.com/
Cloning into 'lktesting.s3-website-ap-southeast-1.amazonaws.com'...
error: The requested URL returned error: 403 Forbidden (curl_result = 22, http_code = 403, sha1 = bf866b95d9517ea38e213740cead5cf1c313f5aa)
Checking connectivity... done.

Does anyone know what I am missing?

Answer 1

Git objects under .git may exists as single files or inside git packs. The Git dumb HTTP protocol will try to fetch an object as a single file, and only if this fails with "404 Not found", it will look for a pack.

Apparently, an Amazon S3 bucket will only return the 404 code if you give the "List" permission to everyone: How do I have an S3 bucket return 404 (instead of 403) for a key that does not exist in the bucket/

Update: You can assign the necessary permission using AWS CLI with put-bucket-acl from s3api.

Complete sequence of commands to host a clonable git repository in an S3 bucket:

BUCKET=my-bucket-name

# Setup
aws s3 mb s3://$BUCKET
aws s3api put-bucket-acl --bucket $BUCKET --acl public-read

# Sync
git update-server-info
aws s3 sync --acl public-read .git s3://$BUCKET

# Clone
git clone https://$BUCKET.s3.amazonaws.com