How do I set policy to my linode object storage with s3cmd tool
I already set up s3cmd tool correctly since I can perform actions like download, list, upload, etc.
But when I use it to set my custom policy, I always get 403 code
❯ s3cmd setpolicy policy.json s3://cors
ERROR: S3 error: 403 (AccessDenied)
why is that? can someone help me?
4 Replies
I notice that s3:setBucketPolicy
is missing in action. How would I add that to current policy since I can't use s3cmd to achieve it
I am facing the same issue. How did you resolve this?
Same issue here.
I followed this guide to set up and configure s3cmd (I'm working on a Mac): https://www.linode.com/docs/products/storage/object-storage/guides/s3cmd/#interacting-with-buckets.
I checked the permissions and the key is correctly set on read/write.
I can perform actions like listing or uploading objects, but when it comes to setting a custom policy (s3cmd setpolicy policy.json s3://[MyBucketName]) I get "ERROR: S3 error: 403 (AccessDenied)".
Am I missing something?
In the past, we've seen this issue because there is already a bucket policy in place preventing the the command from running. To see if if you have a policy in place, you can run this command to view the current information for your bucket:
s3cmd info s3://[MyBucketName]
If there is already a bucket policy that is locking you out of being able to update the bucket, you can share that with our Support Team. Our admins may be able to help if that is the case.
Otherwise, the next step would be to try running the command in debugging mode to see if that provides additional information about where the error lies:
s3cmd setpolicy policy.json s3://[MyBucketName] -d
If you used a 3rd party tool like Terraform to provision your bucket, it's possible that there were settings that created a policy by default, either for the bucket or for the IAM user. You can read more about troubleshooting permissions issues for either through these resources:
Policies and permissions in IAM
Troubleshoot Access Denied errors