`Access Denied` for some files, when syncing buckets
I'm using awscli
to sync 2 buckets (same account):
aws s3 sync --only-show-errors s3://bucket-1 s3://bucket-2
but for some files I get permission errors:
copy failed: s3://bucket-1/dirname/file.flac to s3://bucket-2/dirname/file.flac An error occurred (AccessDenied) when calling the UploadPartCopy operation: Access Denied
(in some cases the the failing operation is CopyObject
)
this only seems to happen for .flac
files. all other files are .mp3
s, so the only difference is I can think of is the file size.
since I'm using a user with full s3 permissions for this, I don't understand why this is happening (or how this could be fixed).
Solution 1:
Could it be that the object is owned by a different account?
It may happen when a bucket in AWS account AAA is writable by AWS account BBB, e.g. through BucketPolicy, but the writer (in BBB) didn't specify --acl bucket-owner-full-control
permission when uploading it.
Check the object's ACL using:
aws s3api get-object-acl --bucket bucket-1 --key dirname/file.flac
Similar for the destination - if an existing object is owned by a different account you won't be able to overwrite it. That's why UploadPartCopy
would fail.
Hope that helps.