Score:0

Access Denied with IAM Update

us flag

In my scenario I have created a new policy to grant access to a server in our instance but it doesn't appear to have taken effect. We granted read and list permissions with arn:aws:iam::657644469569:role/XyzServer but we are still getting 403s from i-0215c9ea7f43cfb58.I've added an inline policy to the "XyzServer" role to allow read and list permissions on that instance (i-0215c9ea7f43cfb58 (Xyz-configure)).

I'm still receiving a deny message.

curl
https://s3.amazonaws.com/cloudfront.qwerty.com/files/ftp_upload/45174/57154fig8.jpg
-I
HTTP/1.1 403 Forbidden
x-amz-request-id: p0FMK9SGJD63S38H
x-amz-id-2:
pFibZwlkTUKHfgPsGwjtMlfPEAYPsOVHt29JAFtWrKRnqJAl6TrzLetkerLHPWgP1puxsXYXFxk=
Content-Type: application/xml
Date: Thu, 14 Apr 2022 20:52:53 GMT
Server: AmazonS3

I try to access the S3 object from the instance (i-0215c9ea7f43cfb58 (Xyz-configure)) via AWS S3 CLI and its work fine.

We were hoping to be able to access from outside the CLI though. To access outside the EC2 services, I think we can create an IAM User with Programmatic Access, the generated AWS Access Key and Secret Access Key will be configured to our local machine. Right?

When trying to retrieve PDFs from our Xyzserver we're getting denied access if PHP is executing it. Do anyone guide me to know why this would be? Here are the two commands:

• php -r 'file_get_contents("https://www.qwerty.com/pdf/57154/qwerty-protocol-57154-a-case-series-successful-abd-utilizing-novel-technique");
• curl https://www.qwerty.com/pdf/57154/qwerty-protocol-57154-a-case-series-successful-abd-utilizing-novel-technique -I

• From my observation ,I think this actually is our application serving the 403, not S3. Perhaps the PHP request somehow doesn't go out through our NAT? is that right ?

• That may be 403 prior to those changes for both CLI and PHP I've not seen the behaviour where it only fails for 1 of those request routes(CLI Works).

what is the best advice here to solve this ?

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.