3

I'm developing a web api using .NET Core 2 on a Windows laptop. I'm trying to access my S3 bucket and am getting an Access Denied error.

Interesting thing is that it works with the AWS CLI.

My appSettings.Development.json file:

"AWS": {
    "Profile": "my-profile",
    "Region": "us-east-1"
 }

Startup.cs file:

public void ConfigureServices(IServiceCollection services)
{
    services.AddMvc();

    var options = Configuration.GetAWSOptions();
    services.AddDefaultAWSOptions(Configuration.GetAWSOptions());
    services.AddAWSService<IAmazonS3>();
}

BucketController.cs file:

public async Task<IEnumerable<string>> Get()
{
    // List all objects
    ListObjectsRequest listRequest = new ListObjectsRequest
    {
        BucketName = "shel-bucket"
    };

    ListObjectsResponse listResponse;
    do
    {
        // Get a list of objects
        listResponse = await _client.ListObjectsAsync(listRequest);
        foreach (S3Object obj in listResponse.S3Objects)
        {
            Console.WriteLine("Object - " + obj.Key);
            Console.WriteLine(" Size - " + obj.Size);
            Console.WriteLine(" LastModified - " + obj.LastModified);
            Console.WriteLine(" Storage class - " + obj.StorageClass);
        }

        // Set the marker property
        listRequest.Marker = listResponse.NextMarker;
    } while (listResponse.IsTruncated);

    return null;
}

The error I get is AmazonS3Exception: Access Denied.

When I do it from the AWS CLI it works.

aws --profile my-profile s3 ls shel-bucket
                              PRE test1/
                              PRE images/
                              PRE projects/
                              PRE test4/

My credentials and confil files are in the default location in .aws.

Improve this question
7
  • Is it a public or private bucket? Commented Mar 12, 2018 at 21:27
  • 1
    Have you tried with your access key and secret in your config file to see if the profile is not being imported correctly? Is your bucket in us-east-1? Commented Mar 12, 2018 at 21:31
  • @tura08 - It's private Commented Mar 13, 2018 at 0:10
  • 1
    How are you supplying your accessKey/secretKey ? Commented Mar 13, 2018 at 0:12
  • @programmerj So I ended up hard coding the credentials in the code itself and works. Commented Mar 13, 2018 at 2:13

4 Answers 4

Reset to default
2

In your code, try replacing your Startup with:

public void ConfigureServices(IServiceCollection services)
{
        services.AddMvc();
        services.AddSingleton<IS3Service, S3Service>();
        services.AddAWSService<IAmazonS3>();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }

        app.UseMvc();
}

You first need to install in the Package Manager Console:

`Install-package AWSSDK.Extensions.NETCORE.Setup`

`Install-package AWSSDK.S3`

Then you need to have the credentials file in the directory:

`C:\Users\username\.aws\credentials`

The credential file should have this format:

[default]
aws_access_key_id=[Write your access key in here]
aws_secret_access_key=[Write your secret access key in here]
region=[Write your region here]

I uploaded in github an example of a basic CRUD in ASP.NET CORE for S3 buckets.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Check your permissions for file write/read access in your account or try this through coding 

CannedACL = S3CannedACL.BucketOwnerFullControl

It resolved my problem when I faced the same Issue.

Improve this answer

Comments

2
  1. I have solved with following below steps
  2. Goto AWS IAM service
  3. Select Users
  4. Click Add Permissions
  5. Give access to S3 and try now.
Improve this answer

Comments

0

I tried all of this and it worked when deploying to AWS Lambda but never worked in my local environment. I resolved it by creating a new S3Client myself instead of injecting it:

var S3Client = new AmazonS3Client(Amazon.RegionEndpoint.USWest2);
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.