Login/Register
S3FS cannot gain access
Asked Answered
amazon-web-servicesamazon-s3s3fs
I

1

5

S3FS - 403 Access Denied problem. I cannot mount my S3 bucket using S3FS library.

Problem: Access Denied - 403 HTTP error.

S3FS version: 1.86

I'm using the credentials stored by aws cli. And the most baffling, is that using AWS CLI s3api works. For example I was able to copy a file onto s3 bucket by aws s3 cp awscliv2.zip s3://mybucket/awscliv2.zip, list, and do any operation.

Can you please direct me onto how do I resolve this issue? The account is fresh, I've granted Full Access to the IAM user through the Web Console. There are no Access Points, or any complicated routing that could block the request.

Here is the debug message from running the s3fs command

s3fs mybucket -o use_cache=/tmp -o mp_umask=002 -o multireq_max=5 -o dbglevel=info -f -o endpoint=us-east-2 -o curldbg s3

Host: XXXX.s3.us-east-2.amazonaws.com
User-Agent: s3fs/1.86 (commit hash 6489c5d; OpenSSL)
Accept: */*
Date: Thu, 19 Mar 2020 10:56:09 GMT

< HTTP/1.1 403 Forbidden
< x-amz-bucket-region: us-east-2
< x-amz-request-id: XXXXXXXXXXXXX
< x-amz-id-2: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
< Content-Type: application/xml
< Transfer-Encoding: chunked
< Date: Thu, 19 Mar 2020 10:56:09 GMT
< Server: AmazonS3
Interregnum answered 19/3, 2020 at 11:3 Comment(1)
I seem to be experiencing the same issue, and in the same conditions for me. Brand new bucket, using keys for an admin IAM user, s3api works well with the same keys.Pagas
P
10

Here is what worked for me. I added -o endpoint=us-west-2 -o url="https://s3-us-west-2.amazonaws.com" as my bucket was created there.

This is the article that gave me the clue: https://github.com/s3fs-fuse/s3fs-fuse/issues/807#issuecomment-455136449

It may be due to delay in metadata propagation throughout AWS, and it's possible that it was hitting the wrong region and wasn't properly redirected.

Pagas answered 30/3, 2020 at 3:10 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.