Situation:
S3 Bucket named BucketDataDeliveries
IAM User: the_deliverer
Tool: Cyberduck
I created a new user named the_deliverer. I am trying to connect to the bucket using cyberduck client but when start the connection appears the message:
The request signature we calculated does not match the signature you provided. Check your key and signing method.
Connection screenshot
Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "BucketOperations",
"Effect": "Allow",
"Action": "s3:ListBucket*",
"Resource": [
"arn:aws:s3:::BucketDataDeliveries",
"arn:aws:s3:::BucketDataDeliveries/*"
]
},
{
"Sid": "ObjectOperations",
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:DeleteObject*",
"s3:GetObject*",
"s3:PutObject*"
],
"Resource": [
"arn:aws:s3:::BucketDataDeliveries",
"arn:aws:s3:::BucketDataDeliveries/*"
]
},
{
"Sid": "DenyAllOthers",
"Effect": "Deny",
"Action": "s3:*",
"NotResource": [
"arn:aws:s3:::BucketDataDeliveries",
"arn:aws:s3:::BucketDataDeliveries/*"
]
}
]
}
Can you help me?
Thanks!
I found the answer.
when you want to access to the bucket using owner account the url to define in cyberduck s3 connection is: bucket.s3.amazonaws.com
But when you want to access with other user created in IAM the url of the server is: bucket.s3-zone.amazonaws.com
In my example: BucketDataDeliveries.s3-us-gov-west-1.amazonaws.com