Amazon S3 invalid principal in bucket policy

I am trying to create a new console policy on the Amazon S3 console and get an error message

Invalid principal in policy - "AWS": "my_username"

The username that I use as the primary is my default recipient.

My policy

    {
      "Id": "Policy14343243265",
      "Statement": [
        {
          "Sid": "SSdgfgf432432432435",
          "Action": [
            "s3:DeleteObject",
            "s3:DeleteObjectVersion",
            "s3:GetObject",
            "s3:GetObjectVersion",
            "s3:GetObjectVersionAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:PutObjectVersionAcl"
          ],
          "Effect": "Allow",
          "Resource": "arn:aws:s3:::my_bucket/*",
          "Principal": {
            "AWS": [
              "my_username"
            ]
          }
        }
      ]
    }

I do not understand why I get the error. What am I doing wrong?

+7
2 answers

As the error message says, your principal is incorrect. Check the S3 documentation for guidelines on how to fix it. As shown in the sample policies, this should be something like arn:aws:iam::111122223333:root.

+14
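A pre-flight check for the error discussed above, as an added example that is not part of the original question or answers: it parses a bucket policy and reports every "AWS" principal that is not "*", a 12-digit account ID, or an IAM/STS ARN. The function name, the shortened policies and the user ARN are constructed for illustration; the account ID 111122223333 is the sample one from the answer.

```python
import json
import re

# Accepted shapes for values under Principal -> "AWS" in a resource policy.
_ACCOUNT = r"\d{12}"
_VALID_AWS_PRINCIPAL = re.compile(
    rf"^(?:\*"
    rf"|{_ACCOUNT}"
    rf"|arn:aws[a-z-]*:iam::{_ACCOUNT}:(?:root|user/.+|role/.+)"
    rf"|arn:aws[a-z-]*:sts::{_ACCOUNT}:(?:assumed-role/[^/]+/.+|federated-user/.+))$"
)

def invalid_principals(policy_json):
    """Return (Sid, value) pairs whose AWS principal is malformed.

    Format check only: S3 can still reject a well-formed ARN if the
    referenced user or role does not exist.
    """
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):          # a single statement is allowed
        statements = [statements]
    bad = []
    for stmt in statements:
        principal = stmt.get("Principal", stmt.get("NotPrincipal"))
        if principal is None or principal == "*":
            continue
        if not isinstance(principal, dict):   # any other bare string is invalid
            bad.append((stmt.get("Sid"), principal))
            continue
        values = principal.get("AWS", [])
        if isinstance(values, str):           # string and list forms are both legal
            values = [values]
        bad.extend((stmt.get("Sid"), v) for v in values
                   if not _VALID_AWS_PRINCIPAL.match(v))
    return bad

def _policy(principal):
    # Constructed, shortened version of the policy from the question.
    return json.dumps({"Id": "Policy14343243265", "Statement": [{
        "Sid": "SSdgfgf432432432435", "Action": ["s3:GetObject", "s3:PutObject"],
        "Effect": "Allow", "Resource": "arn:aws:s3:::my_bucket/*",
        "Principal": {"AWS": [principal]}}]})

QUESTION_POLICY = _policy("my_username")  # bare user name, as in the question
FIXED_POLICY = _policy("arn:aws:iam::111122223333:user/my_username")  # assumed ARN

if __name__ == "__main__":
    print(invalid_principals(QUESTION_POLICY))
    print(invalid_principals(FIXED_POLICY))
```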

The best solution:

  • Create an IAM policy that provides bucket access
  • Assign it to a group
  • Put the user in this group.

Instead of saying, "This bucket is allowed to be touched by this user," you can define "These are people who can touch this."

It sounds silly right now, but wait until you add 42 more buckets and 60 users to the mix. Having a central place to control all access to the resource will save the day.

0