User Tools

Site Tools

You are here: Ahsay Wiki » Welcome to AhsayWiki » 5228_issue » [V7] ISSUE: AhsayCBS "Failed to access destination AmazonS3-1. Reason=Access Denied" error returned when creating predefined destination for AmazonS3

Sidebar

Announcement

Ahsay Backup Software

Backup Set Types

Supported Storage

Features in OBM / ACB

Features in CBS

Brand and Customize

License

Documentation

Performance Testing

FAQs and Known Issues

Can't Find What You Need?

public:5228_issue:ahsaycbs_failed_to_access_destination_amazons3-1._reason_access_denied_error_returned_when_creating_predefined_destination_for_amazons3

Table of Contents

[V7] ISSUE: AhsayCBS "Failed to access destination AmazonS3-1. Reason=Access Denied" error returned when creating predefined destination for AmazonS3

Article ID: 5228
Reviewed: 2017-01-13

Product Version:
AhsayOBM: 7.5.0.0 to 7.x
OS: ALL

ATTENTION 1st January, 2022: v7 officially End-of-Life [details]

Problem Description

When performing creating a new predefined destination for AmazonS3 on AhsayCBS, the following error is shown in the AhsayCBS web admin console “Failed to access destination AmazonS3-1. Reason=Access Denied”


Cause:
This issue is a result of insufficient permission assignments in the Amazon Policy group which grants permissions to the affected bucket.

When granting access permissions to a bucket via policy control correct access permission for both the files/folders within the bucket, as well as the bucket itself must be granted, for example the bucket “ahsay-1b73760024477” and files/folders within the “ahsay-1b73760024477/*” .

Resolution

To resolve the issue, please assign the following permissions to the policy “Get”, “List”,”Delete”, and “Put”

  1. Login to Amazon S3 web service console.

  2. Enter “IAM” for the Identity and Access Management page in the search box.

  3. Select “Policies” and enter policy name to search for the policy, for example “cbs”

  4. Click on the policy name, for example “CBS-Server-Access-Policy” is used to assign permission to the bucket “ahsay-1b73760024477”

    In the “Policy Document” Tab enter the following JSON policy script to assign the correct permissions to the bucket.

    For example, assign “Get”, “List”,”Delete”, and “Put” permissions to the following bucket "ahsay-1b73760024477" and all files/folders within the bucket "ahsay-1b73760024477/*"
    {
    "Version": "2012-10-17",
    "Statement": [
    {
    "Sid": "Stmt1481791539000",
    "Effect": "Allow",
    "Action": [
    "s3:Get*",
    "s3:List*",
    "s3:Delete*",
    "s3:Put*"
    ],
    "Resource": [
    "arn:aws:s3:::ahsay-1b73760024477",
    "arn:aws:s3:::ahsay-1b73760024477/*"
    ]
    }
    ]
    }

  5. Click on [Validate Policy] button, once the policy has been validated. Click on [Save] Button.
  6. Login to AhsayCBS web admin and retry adding the predefinee destination

References:
https://docs.aws.amazon.com/AmazonS3/la ... rview.html
https://docs.aws.amazon.com/AmazonS3/la ... point.html
https://docs.aws.amazon.com/AmazonS3/la ... ermissions

Keywords

Amazon S3, predefined destination, IAM, permissions, bucket, access denied, Failed to access destination, policy control, validate policy, policies

public/5228_issue/ahsaycbs_failed_to_access_destination_amazons3-1._reason_access_denied_error_returned_when_creating_predefined_destination_for_amazons3.txt · Last modified: 2021/12/16 04:48 by anna.olalia

Page Tools