I have get this error in wordpress: Error retrieving a list of your S3 buckets from AWS:Access Denied. I have write policy for IAM user. I don’t know where I am doing wrong. Please help me.
My IAM policy is here:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmtxxxxxxxxxxx",
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListBucketMultipartUploads"
],
"Resource": [
"arn:aws:s3:::bucketname/*"
]
}
]
}
First of all, in order to list all your buckets, you need to create a statement that will allow your IAM to perform “s3:ListAllMyBuckets” in the entire S3 account
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*",
"Condition": {}
}
Also, it’s seems like you have trouble with bucket listing because the actions that you are trying to allow:
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListBucketMultipartUploads"
],
must be applied to the entire bucket:
"Resource": "arn:aws:s3:::bucketname",while you are trying to allow this actions to the bucket’s content:
"Resource": "arn:aws:s3:::bucketname/*",Anyway, please try the policy below:
{"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmtxxxxxxxxxxx",
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:ListBucketMultipartUploads"
],
"Resource": "arn:aws:s3:::bucketname",
"Condition": {}
},
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*",
"Condition": {}
}
]
}
I tested it on my site and it works.
If you have any other questions, feel free to ask.
Thanks,
Vlad