You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
My s3 bucket has an acl policy that requires "bucket-owner-full-control". When I add the param to an aws cli copy command, it works, but when I try to add the param to rclone, it still gives me an "AccessDenied" error. I have tried setting the acl in many different ways:
I tried these two different configs in the config file:
My s3 bucket has an acl policy that requires "bucket-owner-full-control". When I add the param to an aws cli copy command, it works, but when I try to add the param to rclone, it still gives me an "AccessDenied" error. I have tried setting the acl in many different ways:
I tried these two different configs in the config file:
[aws-dev]
type = s3
provider = AWS
env_auth = true
region = eu-west-1
location_constraint = eu-west-1
server_side_encryption = aws:kms
acl = bucket-owner-full-control
[aws-dev]
type = s3
provider = AWS
env_auth = true
region = eu-west-1
location_constraint = eu-west-1
server_side_encryption = aws:kms
s3-acl = bucket-owner-full-control
I also tried with flags in the command:
AWS_PROFILE=dev-s3-data-transfer-role-profile rclone --progress --checkers 64 --transfers 64 --cache-workers 24 --s3-acl=bucket-owner-full-control copy x.txt aws-dev:XXXXXXXX
AWS_PROFILE=dev-s3-data-transfer-role-profile rclone --progress --checkers 64 --transfers 64 --cache-workers 24 --acl=bucket-owner-full-control copy x.txt aws-dev:XXXXXXXX
AWS_PROFILE=dev-s3-data-transfer-role-profile rclone --progress --checkers 64 --transfers 64 --cache-workers 24 --s3-acl=bucket-owner-full-control --s3-no-check-bucket copy x.txt aws-dev:XXXXXXXX
AWS_PROFILE=dev-s3-data-transfer-role-profile rclone --progress --checkers 64 --transfers 64 --cache-workers 24 --acl=bucket-owner-full-control --s3-no-check-bucket copy x.txt aws-dev:XXXXXXXX
So, it seems like the acl rclone param is not being transferred to the s3 copy when it runs.
Also, here is my the s3bucket IAM policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Deny",
"Principal": "",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::XXXXXXXX/",
"Condition": {
"StringNotLikeIfExists": {
"s3:x-amz-server-side-encryption-aws-kms-key-id": "XXXXXXXXX"
}
}
},
{
"Effect": "Deny",
"Principal": "",
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::XXXXXXXXX/",
"Condition": {
"StringNotEquals": {
"s3:x-amz-acl": "bucket-owner-full-control"
}
}
}
]
}
The text was updated successfully, but these errors were encountered: