Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Input/output error while access s3 file #150

Closed
pch05 opened this issue Feb 13, 2024 · 2 comments
Closed

Input/output error while access s3 file #150

pch05 opened this issue Feb 13, 2024 · 2 comments

Comments

@pch05
Copy link

pch05 commented Feb 13, 2024

Hello,

It seems I encountered a similar issue:
I've mounted my s3 bucket with this command: mount-s3 <bucket_name> <directory_to_associate>

It works and I can list file and repositories on bucket from my instance.
But when I want to do 'cat' command, for example, to one of this files, I have this issue:
cat: <filename>: Input/output error

If I try to get the file on my laptop with aws s3 command, It works and I can read the content of file.

This is the policy I've applied to my instance to access bucket:

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Action": [
				"s3:*"
			],
			"Effect": "Allow",
			"Resource": "<bucket_arn>"
		}
	]
}

I hope my question helps and is in the right place.
Thank you

Originally posted by @pch05 in #142 (comment)

@dannycjones
Copy link
Contributor

Hey @pch05,

Regarding the value for <bucket_arn> you are using for your policy: is it just the straightforward ARN like arn:aws:s3:::<BUCKET_NAME>? For object-level operations like GetObject which will be used when performing the cat command, you need to use object ARN like arn:aws:s3:::<BUCKET_NAME>/*.

You can verify this is the issue by using AWS CLI to read the object so long as it uses the same credential source. You should see something like aws s3 ls s3://<BUCKET_NAME>/ succeed while aws s3 cp s3://<BUCKET_NAME>/<FILE_NAME> - fail.

More details on S3 permissions are available here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html

@pch05
Copy link
Author

pch05 commented Feb 13, 2024

Hey @pch05,

Regarding the value for <bucket_arn> you are using for your policy: is it just the straightforward ARN like arn:aws:s3:::<BUCKET_NAME>? For object-level operations like GetObject which will be used when performing the cat command, you need to use object ARN like arn:aws:s3:::<BUCKET_NAME>/*.

You can verify this is the issue by using AWS CLI to read the object so long as it uses the same credential source. You should see something like aws s3 ls s3://<BUCKET_NAME>/ succeed while aws s3 cp s3://<BUCKET_NAME>/<FILE_NAME> - fail.

More details on S3 permissions are available here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html

Thanks for your answer.

Yes arn i'm using is like: arn:aws:s3:::<BUCKET_NAME>.

Like you said, I've try this policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:GetBucketLocation",
                "s3:ListBucket"
            ],
            "Resource": [
                "${bucket_arn}",
                "${bucket_arn}/*"
            ]
        }
  ]
}

It's working properly now, thanks a lot!

@jjkr jjkr closed this as completed Feb 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants