How to fix error in AWS policy for AWS S3?

30 Views Asked by Vy Do At 06 April 2025 at 21:30

I read https://repost.aws/knowledge-center/s3-invalid-principal-in-policy-error

I has

{
  "Id": "Policy1710830593816",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1710830590440",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::ixxx2-station-data",
      "Principal": {
        "AWS":["arn:aws:iam::093297098997:M69-AWS-JXX-iCxxx-Developer/v_doxxx"]
      }
    }
  ]
}

(Some value changed for security)

How to fix?

Original Q&A

There are 1 best solutions below

helpinghand On 19 March 2024 at 07:19

ARNs for IAM roles should look something like arn:aws:iam::<account-id>:role/<role-name> and for IAM users, it should look something like arn:aws:iam::<account-id>:user/<user-name>.

So, if M69-AWS-JXX-iCxxx-Developer/v_doxxx is the name of your role/user, you'll want to adjust your policy to follow the format I mentioned above. Make sure the role/user name matches exactly what you've set up in AWS IAM, including any paths(I am curious as to why there is a path in your role name or user name) or special characters.

Your principal should look like:

"Principal": {
  "AWS": "arn:aws:iam::093297098997:role/M69-AWS-JXX-iCxxx-Developer/v_doxxx"
}

Again, double-check that the role name is correct and exists in your IAM, and you should be good to go.

How to fix error in AWS policy for AWS S3?

There are 1 best solutions below

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-S3

Related Questions in S3-IAM-POLICY

Trending Questions

Popular # Hahtags

Popular Questions