When you suffer from the “API: s3:PutBucketPolicy Access Denied” error while creating a new S3 bucket, how can we resolve it?
The user encountered an error when trying to create a new Amazon S3 bucket for hosting a website. The error message indicated an “Access Denied” issue with the `s3:PutBucketPolicy` API. To resolve this, the user needs to add the `blockPublicAccess` attribute with the value `BlockPublicAccess.BLOCK_ACLS` to the CDK project configuration. By doing so, the default configuration of Amazon S3 will be updated correctly. The user provided additional links as references for more information on this topic.
Due to changing the default configuration of Amazon S3, we need to add the blockPublicAccess attribute to the CDK project.
What error did I see?
When I tried to create a new Amazon S3 bucket for hosting a new website:
const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
websiteIndexDocument: 'index.html',
publicReadAccess: true,
});I met the following CloudFormation error.
CdkSonikAppStack: deploying... [1/1]
CdkSonikAppStack: creating CloudFormation changeset...
10:08:29 PM | CREATE_FAILED | AWS::S3::BucketPolicy | SonikStaticAssetsPolicy8AA45F84
API: s3:PutBucketPolicy Access Denied
❌ CdkSonikAppStack failed: Error: The stack named CdkSonikAppStack failed to deploy: UPDATE_ROLLBACK_COMPLETE: API: s3:PutBucketPolicy Access DeniedAdd the blockPublicAccess attributes to resolve this issue.
To avoid this error, we need to add the blockPublicAccess: BlockPublicAccess.BLOCK_ACLS attributes.
const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
websiteIndexDocument: 'index.html',
publicReadAccess: true,
blockPublicAccess: BlockPublicAccess.BLOCK_ACLS,
});Referenced
ブックマークや限定記事(予定)など
WP Kyotoサポーター募集中
WordPressやフロントエンドアプリのホスティング、Algolia・AWSなどのサービス利用料を支援する「WP Kyotoサポーター」を募集しています。
月額または年額の有料プランを契約すると、ブックマーク機能などのサポーター限定機能がご利用いただけます。
14日間のトライアルも用意しておりますので、「このサイトよく見るな」という方はぜひご検討ください。