What is the problem you are having with rclone?
Unable to upload files using an aws s3 profile.
I can use the same credentials to upload files to the same bucket and region using the AWS CLI. So that leads me to believe that something in my IAM policy is incorrect.
Ironically, other S3 backends work (eg: digitalocean spaces). Only S3 itself seem to be causing me fits.
Here is the policy I have in place - it looks like it has all the elements from the rclone docs but still not having any luck.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation",
"s3:ListBucketMultipartUploads",
"s3:DeleteObject",
"s3:GetObject",
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::mybucketnamehere",
"Condition": {}
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:AbortMultipartUpload",
"s3:DeleteObject",
"s3:DeleteObjectVersion",
"s3:GetObject",
"s3:GetObjectAcl",
"s3:GetObjectVersion",
"s3:GetObjectVersionAcl",
"s3:PutObject",
"s3:PutObjectAcl",
"s3:PutObjectVersionAcl"
],
"Resource": "arn:aws:s3:::mybucketnamehere/*",
"Condition": {}
},
{
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*",
"Condition": {}
}
]
}
Any suggestions to resolve this issue would be greatly appreciated.
Run the command 'rclone version' and share the full output of the command.
rclone v1.58.1
- os/version: ubuntu 20.04 (64 bit)
- os/kernel: 5.11.0-38-generic (x86_64)
- os/type: linux
- os/arch: amd64
- go/version: go1.17.9
- go/linking: static
- go/tags: none
Are you on the latest version of rclone? You can validate by checking the version listed here: Rclone downloads
Yes.
Which cloud storage system are you using? (eg Google Drive)
AWS S3.
The command you were trying to run (eg rclone copy /tmp remote:tmp
)
rclone mkdir testaws:MYBUCKET/test
The rclone config contents with secrets removed.
[testaws]
type = s3
provider = AWS
access_key_id = XXX
secret_access_key =XXX
region = us-east-2
location_constraint = us-east-2
acl = private
server_side_encryption = AES256
storage_class = STANDARD
env_auth = false