AWS S3 Java SDK - Access Denied

问题:

I am trying to access a bucket and all its object using AWS SDK but while running the code i am getting an error as Exception in thread "main" com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: X), S3 Extended Request ID: Y=

Kindly suggest, where i am lacking and why access denied error is occurring although i have taken all following permission to the bucket:

s3:GetObject s3:GetObjectVersion s3:GetObjectAcl s3:GetBucketAcl s3:GetBucketCORS s3:GetBucketLocation s3:GetBucketLogging s3:ListBucket s3:ListBucketVersions s3:ListBucketMultipartUploads s3:GetObjectTorrent s3:GetObjectVersionAcl 

Code is as follows:

AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey);     ClientConfiguration clientConfig = new ClientConfiguration();     clientConfig.setProtocol(Protocol.HTTP);     AmazonS3 conn = new AmazonS3Client(credentials, clientConfig);     conn.setEndpoint(bucketName);     Bucket bucket = conn.createBucket(bucketName);     ObjectListing objects = conn.listObjects(bucket.getName());     do {             for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) {                     System.out.println(objectSummary.getKey() + "\t" +                             objectSummary.getSize() + "\t" +                             StringUtils.fromDate(objectSummary.getLastModified()));             }             objects = conn.listNextBatchOfObjects(objects);     } while (objects.isTruncated()); 

回答1:

Go to IAM and check whether the user [ Access Key & Secret Key ] which is being used for the API has the previliges to use S3 Based API.

Attached S3 Policy to the specified User - try with S3 Full Access; you can fine-grain the access once this works. For More Information Check this Link [ Managing IAM Policies ]

回答2:

The problem is now solved. There were following issue to the code:

1. The end point was not correct, There should be a correct end point.
2. There was not enough permission given to the bucket. A list of complete permission should be taken before using the bucket in AWS SDK.

Below is the correct code

AWSCredentials credentials = new BasicAWSCredentials(accessKey, secretKey); ClientConfiguration clientConfig = new ClientConfiguration(); clientConfig.setProtocol(Protocol.HTTP); AmazonS3 conn = new AmazonS3Client(credentials, clientConfig); conn.setEndpoint("correct end point"); Bucket bucket = conn.createBucket(bucketName); ObjectListing objects = conn.listObjects(bucket.getName()); do {         for (S3ObjectSummary objectSummary : objects.getObjectSummaries()) {                 System.out.println(objectSummary.getKey() + "\t" +                         objectSummary.getSize() + "\t" +                         StringUtils.fromDate(objectSummary.getLastModified()));         }         objects = conn.listNextBatchOfObjects(objects); } while (objects.isTruncated()); 

文章来源: AWS S3 Java SDK - Access Denied