DEV Community

AWS Community Builders profile image Hidetaka Okamoto
Hidetaka Okamoto for AWS Community Builders

Posted on • Originally published at wp-kyoto.net

When you suffer from the "API: s3:PutBucketPolicy Access Denied" error while creating a new S3 bucket, how can we resolve it?

#aws #cdk #typescript

Due to changing the default configuration of Amazon S3, we need to add the blockPublicAccess attribute to the CDK project.

What error did I see?

When I tried to create a new Amazon S3 bucket for hosting a new website: 

    const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
      websiteIndexDocument: 'index.html',
      publicReadAccess: true,
    });

I met the following CloudFormation error. 

CdkSonikAppStack: deploying... [1/1]
CdkSonikAppStack: creating CloudFormation changeset...
10:08:29 PM | CREATE_FAILED        | AWS::S3::BucketPolicy       | SonikStaticAssetsPolicy8AA45F84
API: s3:PutBucketPolicy Access Denied


 ❌  CdkSonikAppStack failed: Error: The stack named CdkSonikAppStack failed to deploy: UPDATE_ROLLBACK_COMPLETE: API: s3:PutBucketPolicy Access Denied

Add the blockPublicAccess attributes to resolve this issue.

To avoid this error, we need to add the blockPublicAccess: BlockPublicAccess.BLOCK_ACLS attributes. 

    const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
      websiteIndexDocument: 'index.html',
      publicReadAccess: true,
      blockPublicAccess: BlockPublicAccess.BLOCK_ACLS,
    });

Referenced

Top comments (0)

Read next

simonjohansson profile image

Node.js Frameworks Roundup 2024 — Elysia / Hono / Nest / Encore — Which should you pick?

Simon Johansson -

setho profile image

Simplicity Is An Achievement

Seth Orell -

ctaverna profile image

Hands-on introduction to Apache Iceberg

Claudio Taverna -

valaug profile image

Deploying 50 S3 Buckets with the Same Name using Terraform

Augusto Valdivia -