How to access s3 when a prefix is restricted.

Advertisement

Guest

How to access s3 when a prefix is restricted.

Hi

When the following IAM policy is set, I could not access to S3 after Remote Directory is set to /bucket-name/folder1/ on WinSCP.
Could you tell me to access s3 in this case ?

"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::bucket-name",
"Condition": {
"StringLike": {
"s3:prefix": "folder1/*"
}

Error message in log file
(XXXXX is mask)

. 2018-12-12 11:30:21.693 [<?xml version="1.0" encoding="UTF-8"?>
. 2018-12-12 11:30:21.693 <Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>XXXXX</RequestId><HostId>XXXXX</HostId></Error>]

Enviroment

* WinSCP 5.13.5
* Windows 7

Reply with quote

Advertisement

martin
Site Admin
martin avatar
Joined:
Posts:
40,476
Location:
Prague, Czechia

Re: How to access s3 when a prefix is restricted.

Please attach a full session log file showing the problem (using the latest version of WinSCP).

To generate the session log file, enable logging, log in to your server and do the operation and only the operation that causes the error. Submit the log with your post as an attachment. Note that passwords and passphrases not stored in the log. You may want to remove other data you consider sensitive though, such as host names, IP addresses, account names or file names (unless they are relevant to the problem). If you do not want to post the log publicly, you can mark the attachment as private.

Reply with quote

seino
Joined:
Posts:
4

Re: How to access s3 when a prefix is restricted.

Thanks for a reply.

I upload the log.
I masked secret key etc.
  • 20181218_log.zip (4.11 KB, Private file)

Reply with quote

seino
Joined:
Posts:
4

Re: How to access s3 when a prefix is restricted.

Thanks for a reply.

I used the development version.
This problem was resolved.

Reply with quote

Advertisement

martin
Site Admin
martin avatar

Re: How to access s3 when a prefix is restricted.

Thanks for your feedback.
5.14.2 beta with the fix was released meanwhile.

Reply with quote

Advertisement

You can post new topics in this forum