Why can my IAM user create a bucket but not upload to it?

amazon-web-services amazon-s3 aws-cli

First you need to understand that bucket names are unique across the whole amazon domain. So if a user already has a bucket named "backup", you will not be able to create a new one with this name.

That been said, You have two main ways to manage permissions of buckets.

  • When creating a bucket you should have the permission to upload/download by default. You can check this by going to your bucket, click on your bucket name, then "properties" and finally "permission". Here, please check that your IAM user is listed in the granted permissions. You can add other permissions if needed

  • otherwise, you also can use bucket policy (same place as permissions mentioned above). You will find bucket policies example here. As an example, something like this one should make your bucket public:

    {"Version": "2012-10-17",
"Statement": [
    {
        "Sid": "myPolicy",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "*",
        "Resource": [
            "arn:aws:s3:::YOUR_BUCKET_NAME/*",
            "arn:aws:s3:::YOUR_BUCKET_NAME"
        ]
    }
]}

Related

Why do some r10k configuration files start their YAML lines with :?
how to create a SSL certificate chain from my own CA?
How to install nginx 1.9x with HTTP 2 support (1.95 or higher) on Ubuntu 15.10
AWS RDS keeps backing up my server on creation
What user should run the gunicorn process?
Running dmesg on Docker results in "dmesg: read kernel buffer failed: Permission denied"
Set up IIS as forward proxy for HTTPS requests
How to hash based on host + path in Varnish?
How does Docker work as far as being able to edit Apache config files and similar stuff?
Nginx point subdirectory to root
5 seconds for hostname -f and a strange DNS request
Why is my VM created in GCE asia-east1 is getting a US IP address?