Cyberduck Mountain Duck CLI

#6229 closed defect (fixed)

S3/IAM connect to "folder"

Reported by: jhalb Owned by: dkocher
Priority: normal Milestone: 4.2
Component: s3 Version: 4.1
Severity: normal Keywords: IAM
Cc: Architecture:
Platform: Mac OS X 10.6

Description

With credentials that are authorized to a particular path, I get "I/O Error: Connection failed. Cannot read container configuration".

The config is not completely vanilla and I do have issues with several other clients as well (Cloudberry, S3Browser) but can act normally with some others (Transmit, S3Fox).

I will attach my IAM policy, Cyberduck connection config, and Cyberduck log output. Please let me know if I can provide anything more. I have replaced my real bucket name with "bucket-name" but that is the only change.

Also: I get the same error with "*" for actions in the attached IAM policy.

I am using OSX 10.6.8 and Cyberduck 4.1.2.

  • Jim

Attachments (1)

cyberduck-iam.zip (65.0 KB) - added by jhalb on Sep 15, 2011 at 2:08:52 PM.

Download all attachments as: .zip

Change History (5)

Changed on Sep 15, 2011 at 2:08:52 PM by jhalb

comment:1 Changed on Sep 15, 2011 at 2:24:12 PM by dkocher

As a workaround add CloudFront read permission to the policy.

comment:2 Changed on Sep 15, 2011 at 5:05:44 PM by jhalb

Adding this didn't seem to do it.

{
      "Action": "cloudfront:*",
      "Effect": "Allow",
      "Resource": "*"
}

The bucket itself doesn't have anything about CloudFront permissions. Assume that's not part of what you're recommending?

comment:3 Changed on Nov 7, 2011 at 3:11:00 PM by dkocher

Sorry for not replying earlier. I am just investigating this issue. We are sending a HEAD request against the bucket to test the bucket is accessible given the login credentials. This fails for this bucket because the IAM user does not have read permission for the bucket itself.

comment:4 Changed on Nov 7, 2011 at 3:36:38 PM by dkocher

  • Milestone set to 4.1.4
  • Resolution set to fixed
  • Status changed from new to closed

In r9124.

Note: See TracTickets for help on using tickets.
swiss made software