Troubleshooting IAM and Amazon S3
Use the information here to help you troubleshoot and fix issues that you might encounter when working with Amazon S3 and IAM.
How do I grant anonymous access to an Amazon S3 bucket?
You use an Amazon S3 bucket policy that specifies a wildcard (*) in the principal
element, which means anyone can access the bucket. With anonymous access, anyone (including
users without an Amazon Web Services account) will be able to access the bucket. For a sample policy, see
Example Cases for Amazon
S3 Bucket Policies in the Amazon Simple Storage Service User Guide.
I'm signed in as an Amazon Web Services account root user; why can't I access an Amazon S3 bucket under my account?
In some cases, you might have an IAM user with full access to IAM and Amazon S3. If the
IAM user assigns a bucket policy to an Amazon S3 bucket and doesn't specify the Amazon Web Services account root user as a
principal, the root user is denied access to that bucket. However, as the root user, you can still
access the bucket. To do that, modify the bucket policy to allow root user access from the Amazon S3
console or the Amazon CLI. Use the following principal, replacing 123456789012
with the ID of the Amazon Web Services account.
"Principal": { "AWS": "arn:aws-cn:iam::
123456789012
:root" }