Re: Cannot list in bucket on S3.
Can you attach a full WinSCP session log file, as well as a log from another client, in which it works?
Before posting, please read how to report bug or request support effectively.
Bug reports without an attached log file are usually useless.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::bucket-name"
],
"Condition": {
"StringLike": {
"s3:prefix": [
"",
"${aws:username}/",
"${aws:username}/*"
]
}, }
}
}
]
}
winscp log
. 2019-12-16 15:50:13.854 403 Forbidden
. 2019-12-16 15:50:13.854 Access Denied
. 2019-12-16 15:50:13.854 追加の詳細: RequestId: XXXXXXXXXXXXXXXXX, HostId: *****************************
< 2019-12-16 15:50:13.854 <?xml version="1.0" encoding="UTF-8"?>
< 2019-12-16 15:50:13.854 <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>XXXXXXXXXXXXXXXXX</RequestId><HostId>*****************************</HostId></Error>
. 2019-12-16 15:50:13.854 Running destroy hooks.
. 2019-12-16 15:50:13.854 Request ends.
. 2019-12-16 15:50:13.854 sess: Destroying session.
* 2019-12-16 15:50:13.854 (ECommand) ディレクトリ '/bucket-name' への移動のエラー。
* 2019-12-16 15:50:13.854 アクセスが拒否されました
* 2019-12-16 15:50:13.854 Access Denied
* 2019-12-16 15:50:13.854 追加の詳細: RequestId: XXXXXXXXXXXXXXXXX, HostId: *****************************
s3 log
GET /?delimiter=%2F&max-keys=1 HTTP/1.1" 403 AccessDenied 243 - 13 - "-" "WinSCP/5.16.4 neon/0.30.2" - *********************************** SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader bucket-name.s3.amazonaws.com TLSv1.2