CodexBloom - Programming Q&A Platform

403 error when trying to access AWS S3 bucket through API Gateway with IAM authentication

Views: 155 | Answers: 1 | Created: 2025-06-07
aws api-gateway s3 iam JavaScript

Hey everyone, I'm running into an issue that's driving me crazy... I'm currently working on an AWS API Gateway that should allow users to upload files to an S3 bucket securely using IAM authentication. However, I keep receiving a 403 Forbidden error when attempting to access the S3 bucket through the API. I've configured the API Gateway to use AWS_IAM as the authorization type, and I can see from CloudWatch logs that the request is hitting the API but failing at the S3 level. Here is the setup I have:

1. **S3 Bucket Policy**: My S3 bucket policy looks like this:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": { "AWS": "*" },
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::my-bucket-name/*"
    }
  ]
}
```

I initially had it set to allow all principals, but that felt too permissive, so I changed it to restrict it to my API Gateway's IAM role.

2. **IAM Role Policy**: The IAM role associated with my API Gateway has the following policy:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::my-bucket-name/*"
    }
  ]
}
```

3. **API Gateway Integration Setup**: In the API Gateway console, I set up the integration type to be 'AWS Service', pointing to the S3 bucket, and I specified the PUT method with the correct bucket path.

4. **CORS Configuration**: I have also enabled CORS on my API Gateway, but I'm still getting the 403 error when I try to make a PUT request to the endpoint using Postman:

```json
{ "behavior": "403 Forbidden" }
```

I've tried using IAM roles with both the API Gateway and the IAM users defined in my AWS account, but I just can't seem to get it to work. Could it be an issue with how I'm defining the IAM roles, or perhaps the S3 bucket policy? Any suggestions on how to fix this? Thanks in advance!

For context: I'm using JavaScript on macOS. Am I missing something obvious? I'm using JavaScript LTS in this project.
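A static check over the policy documents described in the question, as an added example that is not part of the original post: it flags the wildcard principal in the posted bucket policy, produces a copy scoped to a single role, and tests whether a role trust policy names the API Gateway service. The account ID, role name, helper function names and the sample trust policy are assumptions constructed for illustration.

```javascript
// Added example. Account ID and role name are constructed placeholders.
const ROLE_ARN = 'arn:aws:iam::111122223333:role/apigw-s3-upload-role';

const asList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// True when a Principal element matches anyone: "*" or {"AWS": "*"}.
function isWildcardPrincipal(principal) {
  if (principal === '*') return true;
  return asList(principal && principal.AWS).includes('*');
}

// Allow statements in a bucket policy open to any principal with no Condition.
function findPublicStatements(bucketPolicy) {
  return asList(bucketPolicy.Statement).filter(
    (s) => s.Effect === 'Allow' && isWildcardPrincipal(s.Principal) && !s.Condition
  );
}

// Copy of the policy with each wildcard principal replaced by one role ARN.
function scopeToRole(bucketPolicy, roleArn) {
  const Statement = asList(bucketPolicy.Statement).map((s) =>
    isWildcardPrincipal(s.Principal) ? { ...s, Principal: { AWS: roleArn } } : s
  );
  return { ...bucketPolicy, Statement };
}

// True when the role's trust policy lets the API Gateway service assume it.
function trustsApiGateway(trustPolicy) {
  return asList(trustPolicy.Statement).some(
    (s) => s.Effect === 'Allow' &&
      asList(s.Action).includes('sts:AssumeRole') &&
      asList(s.Principal && s.Principal.Service).includes('apigateway.amazonaws.com')
  );
}

// Bucket policy as posted in the question.
const postedBucketPolicy = {
  Version: '2012-10-17',
  Statement: [{ Effect: 'Allow', Principal: { AWS: '*' }, Action: 's3:PutObject',
    Resource: 'arn:aws:s3:::my-bucket-name/*' }],
};

// Constructed trust policy for the integration role (not shown in the question).
const sampleTrustPolicy = {
  Version: '2012-10-17',
  Statement: [{ Effect: 'Allow', Principal: { Service: 'apigateway.amazonaws.com' }, Action: 'sts:AssumeRole' }],
};

console.log(JSON.stringify(scopeToRole(postedBucketPolicy, ROLE_ARN), null, 2));
```

Running the same functions over policies exported with `aws s3api get-bucket-policy` and `aws iam get-role` applies the check to a real configuration.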