Upload failed : An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

Question

Upload failed : An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

clawfire opened this issue 5 years ago · 8 comments

I tried to use your action with this config:

- name: Run AWS Cli to sync content
        uses: jakejarvis/s3-sync-action@master
        with:
          args: --acl public-read --follow-symlinks --delete
        env:
          AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }}
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_REGION: 'eu-west-1'   # optional: defaults to us-east-1
          SOURCE_DIR: '_site'      # optional: defaults to entire repository
          DEST_DIR: 'deploy_test' # optional: default to bucket root

But got this error for every files:

upload failed: _site/2019/07/24/ai4eu-the-h2020-initiative-for-a-sovereign-ai-platform-in-europe.html to s3://***/deploy_test/2019/07/24/ai4eu-the-h2020-initiative-for-a-sovereign-ai-platform-in-europe.html An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

Answer 1 · 2020-02-17T15:41:55.000Z

I cloned locally the repo and lanch the docker while passing the ENV variables manually and it works perfectly. The issue is maybe in the way the env variables are passed by github action mechanism 🤔

Answer 2 · 2020-02-17T15:47:49.000Z

is actions/checkout@master mandatory? In my case I have a previous step creating artefact so I use actions/download-artifact@v1.0.0 instead but maybe there's need for files from the repo, like the workflow file itself ?

Answer 3 · 2020-02-17T15:53:06.000Z

ok I tried keeping actions/checkout@master but still have the same error message

Answer 4 · 2020-02-23T19:10:18.000Z

ok I tried keeping actions/checkout@master but still have the same error message

Same issue here. Tested the IAM credentials locally as well and they were fine.

Answer 5 · 2020-02-23T21:49:33.000Z

@clawfire So i don't know if you have the same issue, but mine was due to the fact that my s3 bucket was set up to disable public ACLs since i was only allowing it to be served from CloudFront. If you copied the example from this you may have made the same mistake i did by leaving the --acl public-read in the args.

Answer 6 · 2020-03-03T18:52:40.000Z

@clawfire So i don't know if you have the same issue, but mine was due to the fact that my s3 bucket was set up to disable public ACLs since i was only allowing it to be served from CloudFront. If you copied the example from this you may have made the same mistake i did by leaving the --acl public-read in the args.

I made a mental note at the beginning of this endeavor that I will have to remove the --acl public-read arg, but at the time I got there I forgot about it.
@Chrisell thanks for your response

Answer 7 · 2020-03-08T21:29:21.000Z

Hum, thanks guys, I gonna have to give it a try and tells you ;)

Answer 8 · 2020-03-13T17:04:18.000Z

👌 Without --acl public-read it works perfectly. thanks guys