IAM Permissions Required for S3 Access

Hi,

Just wondering if anyone knows what specific permissions Duplicacy requires in order to work with AWS S3.

I have an IAM user with full permissions to the bucket where the backup will be (backup.xxx), but that doesn’t seem to be sufficient. In order to make it work, I had to grant read-only access (List & Get) to all buckets. I thought maybe listing all buckets would be sufficient, but it wasn’t.

Full IAM policy is:

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “ListBuckets”,
“Effect”: “Allow”,
“Action”: [
“s3:List*”,
“s3:Get*”
],
“Resource”: [
“arn:aws:s3:::"
]
},
{
“Sid”: “VisualEditor0”,
“Effect”: “Allow”,
“Action”: "
”,
“Resource”: “arn:aws:s3:::backup.xxx.com”
}
]
}

Thanks in advance.

Antony

Actually, I was wrong. You just need full permissions to the target bucket.
I was missing the * at the end of the bucket, so correct permissions are:

{
“Version”: “2012-10-17”,
“Statement”: [
{
“Sid”: “BackupBucket”,
“Effect”: “Allow”,
“Action”: “",
“Resource”: [
“arn:aws:s3:::backup.xxx.com”,
"arn:aws:s3:::backup.xxx.com

]
}
]
}

Please mark as resolved.

1 Like