I have the following policy:
"Statement": [
{
"Sid": "Stmt1660020066047",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::ACCOUNT_ID:root"
},
"Action": "s3:*",
"Resource": "arn:aws:s3:::MY-BUCKET/*"
}
]
I'm trying to access via browser (by signed in with the ACCOUNT_ID account) but I'm receiving the ACCESS_DENIED error, why?
If a put "AWS": "*" then I can see the files in the browser (obviously now they are public), but it's just to see that the policy works.
So I guess that even if I got "access" I can't see the files via browser.
Any hint?
NOTE: Public access block is already disabled.