Skip to content
This repository has been archived by the owner on Apr 30, 2019. It is now read-only.

Required permissions are unclear. #47

Open
dsaita opened this issue May 16, 2016 · 2 comments
Open

Required permissions are unclear. #47

dsaita opened this issue May 16, 2016 · 2 comments

Comments

@dsaita
Copy link

dsaita commented May 16, 2016

Hello. I can't find any documentation describing the required permissions that I have to grant on my bucket.
Going "s3:*" is not the best choice overall.

@dsaita dsaita changed the title Permissions required are unclear. Required permissions are unclear. May 18, 2016
@tommyb82
Copy link

Second this - I have been trying to expose an S3 maven bucket in read-only mode via an IAM account using ListBucket and GetObject as described on the readme page, but found it was not working and I kept hitting AccessDenied errors.
After debugging the plugin I realised it was failing on line 86 of SimpleStorageServiceWagon, when making a call to getBucketLocation. When I added the s3:GetBucketLocation permission to the statement in the user's policy, sure enough it started working.

@dweomer
Copy link

dweomer commented Jul 10, 2017

The minimal permissions that I needed to get this working were:

      "s3:Get*",
      "s3:List*",
      "s3:PutObject",
      "s3:PutObjectAcl",
      "s3:DeleteObject"

Which is effectively the default S3 read-only policy plus PutObject, PutObjectAcl, and DeleteObject

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

No branches or pull requests

3 participants