S3 Bucket Policy Denying Access to AWS Lambda Despite Correct Permissions
I'm following best practices but... Does anyone know how to... I've been struggling with this for a few days now and could really use some help...

Quick question that's been bugging me - I'm currently working with a scenario where my AWS Lambda function wants to access an S3 bucket despite having the policy seemingly configured correctly... The Lambda function is triggered by an S3 event, and its IAM role has the necessary permissions to read from the bucket. However, I'm getting the following behavior in the CloudWatch logs:

```
An behavior occurred (AccessDenied) when calling the GetObject operation: Access Denied
```

Here's the relevant part of my IAM role policy:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::my-bucket-name/*"
    }
  ]
}
```

The S3 bucket policy is as follows:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::123456789012:role/my-lambda-role"
      },
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::my-bucket-name/*"
    }
  ]
}
```

I've checked that the Lambda function is running in the same region as the S3 bucket, and I verified that the bucket name is correct in both policies. Additionally, I confirmed that there are no explicit denies in the bucket policy that could be interfering. I also tried adding logging to the bucket policy to see if the requests were being blocked, but I saw nothing in the logs indicating that the requests were ever reaching the bucket.

What else could be causing this scenario? Any suggestions would be greatly appreciated!

For context: I'm using JSON on Linux. Am I missing something obvious? How would you solve this? This is happening in both development and production on Debian. I appreciate any insights! I'm working with JSON in a Docker container on Windows 11. Any examples would be super helpful.
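An added diagnostic sketch, not part of the original post: it checks the posted role policy against the request an S3-triggered handler would make, and flags two conditions under which these policies still produce `AccessDenied` (an undecoded event key, and no `s3:ListBucket` on the bucket ARN). The helper names `allows` and `diagnose`, the simplified policy matching, and the sample event record are assumptions made for illustration.

```python
from fnmatch import fnmatchcase
from urllib.parse import unquote_plus

# Identity policy exactly as posted in the question.
ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::my-bucket-name/*",
    }],
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allows(policy, action, resource):
    """Hypothetical simplified check: does any Allow statement match?
    Ignores Deny, Condition, SCPs and permissions boundaries."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        action_ok = any(fnmatchcase(action.lower(), a.lower())
                        for a in _as_list(stmt["Action"]))
        resource_ok = any(fnmatchcase(resource, r)
                          for r in _as_list(stmt["Resource"]))
        if action_ok and resource_ok:
            return True
    return False

def diagnose(record, policy=ROLE_POLICY):
    """Report what the handler should request and what the role allows."""
    bucket = record["s3"]["bucket"]["name"]
    raw_key = record["s3"]["object"]["key"]
    key = unquote_plus(raw_key)  # keys in S3 event records arrive URL-encoded
    return {
        "key": key,
        "key_needed_decoding": key != raw_key,
        "get_object_allowed": allows(policy, "s3:GetObject",
                                     f"arn:aws:s3:::{bucket}/{key}"),
        # Without s3:ListBucket on the bucket ARN, GetObject for a key that
        # does not exist returns 403 AccessDenied instead of 404 NoSuchKey.
        "missing_key_shows_as_access_denied":
            not allows(policy, "s3:ListBucket", f"arn:aws:s3:::{bucket}"),
    }

# Constructed sample record (not from the post): key has spaces and parentheses.
SAMPLE_RECORD = {"s3": {"bucket": {"name": "my-bucket-name"},
                        "object": {"key": "uploads/quarterly+report+%281%29.csv"}}}

if __name__ == "__main__":
    print(diagnose(SAMPLE_RECORD))
```

If `key_needed_decoding` and `missing_key_shows_as_access_denied` are both true, a handler that passes the raw event key to `GetObject` asks for an object that does not exist and receives `AccessDenied` even though the `s3:GetObject` grant itself is correct.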