amazon s3 - Correct permissions for AWS remote copy -
i'm using s3tools sync files on server , s3 bucket. specifically, i'm using sync command. this, however, not working correctly because can't find right permissions assign user i've setup. seems working constanlty error s3cmd sync command "remote re-create failed."
here's current policy:
{ "version": "2012-10-17", "statement": [ { "sid": "somesid", "effect": "allow", "action": [ "s3:listbucket" ], "resource": [ "arn:aws:s3:::mybucket" ] }, { "effect": "allow", "action": [ "s3:listbucket", "s3:putobject", "s3:putobjectacl", "s3:deleteobject" ], "resource": [ "arn:aws:s3:::mybucket/some/path", "arn:aws:s3:::mybucket/some/path/*" ] } ] }
does know permissions should add together create remote re-create possible?
i tested permissions using sync
command provided part of aws command line interface.
this policy worked successfully:
{ "version": "2012-10-17", "statement": [ { "sid": "somesid", "effect": "allow", "action": [ "s3:getobject", "s3:listbucket", "s3:putobject" ], "resource": [ "arn:aws:s3:::mybucket", "arn:aws:s3:::mybucket/*" ] } ] }
note: s3:listbucket
operation works on bucket, while other api calls operate on object.
amazon-s3 amazon-iam s3cmd
No comments:
Post a Comment