Thursday, August 7, 2014

Failed Access Denied: S3 properties on us-east-1 region

When I created s3 buckets at each regions including us-east-1, us-west1, us-west-2, and ap-northeast-1 and applied the IAM policies below to a IAM group. I got some of the properties of other than us-east-1 region somehow.
I created an IAM group and attached two IAM policies with the group.
  • IAM policy to define the buckets to operate and access source IP address.
{ "Statement": [ { "Condition": { "IpAddress": { "aws:SourceIp": [ "xxx.xxx.xxx.xxx/32", "xxx.xxx.xxx.xxx/32" ] } }, "Resource": [ "arn:aws:s3:::bucket_name.ap-northeast-1", "arn:aws:s3:::bucket_name.ap-northeast-1/*", "arn:aws:s3:::bucket_name.us-west-1", "arn:aws:s3:::bucket_name.us-west-1/*", "arn:aws:s3:::bucket_name.us-west-1", "arn:aws:s3:::bucket_name.us-west-1/*", "arn:aws:s3:::bucket_name.us-west-2", "arn:aws:s3:::bucket_name.us-west-2/*" ], "Action": "s3:*", "Effect": "Allow" } ], "Version": "2012-10-17" }
  • IAM policy to list all the buckets for a s3 tool like S3 Browser
{
  "Statement": [
    {
      "Resource": "*",
      "Action": "s3:List*",
      "Effect": "Allow"
    }
  ],
  "Version": "2012-10-17"
}
I got the properties of us-west-1, us-west-2, ap-northeast-1, but couldn't get those of us-east-1, though the same IAM policies are applied.


I successfully got the properties of us-east-1 after adding the action as follows.



{
  "Statement": [
    {
      "Resource": "*",
      "Action": [
        "s3:List*",
        "s3:Get*"
      ],
      "Effect": "Allow"
    }
  ],
  "Version": "2012-10-17"
}

I am wondering if us-east-1 (US standard) region is different from other regions in how to apply IAM policy because it is the 1st region of AWS???

2 comments:

  1. Its coastlines are caressed by the waves of Aegean Sea and its vast beaches are kissed by the rays of the Sun. Endless sandy beaches, fascinating life-style of common people, 15,000km of coastline and tranquil ambience have made this country as the ultimate destination place for every tourist. Commercial property management

    ReplyDelete