Access Denied when calling the S3 PutObject operation


#1

I am using serverless framework 1.36.3. In my AWS serverless function, I am getting the following error:

    An error occurred (AccessDenied) when calling the PutObject operation: Access Denied

Here is the Python3 code snippet:

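    import csv
    import boto3

    s3 = boto3.resource('s3')

    # filename, fieldnames, data, getFieldValue and myBucket are defined elsewhere.
    # Write the rows to a temporary CSV file (Lambda only allows writes under /tmp).
    tmpfilename = '/tmp/' + filename
    with open(tmpfilename, 'w', newline='') as csvfile:
        writer = csv.DictWriter(csvfile, fieldnames=fieldnames, quotechar='"')
        writer.writeheader()
        for row in data:
            csvrow = {}
            for f in fieldnames:
                csvrow[f] = getFieldValue(row[f])
            writer.writerow(csvrow)

    # Upload the file; this is the call that raises AccessDenied.
    myObj = s3.Object(myBucket, filename)
    with open(tmpfilename, 'rb') as body:
        s3response = myObj.put(Body=body)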

I verified that the csvfile is getting created and populated with data.

This is what is generated in the IAM inline policy for the lambda role:

    {
        "Action": [
            "s3:*"
        ],
        "Resource": [
            "arn:aws:s3:::myBucket"
        ],
        "Effect": "Allow"
    }

#2

Problem solved! I needed to add a second resource definition for the files, e.g.:
“arn:aws:s3:::myBucket”,
“arn:aws:s3:::/
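
Added example, not part of the original posts: a simplified offline evaluator for identity-policy statements that shows why the policy in post #1 denies `PutObject`. Object-level actions are checked against the object ARN (`arn:aws:s3:::myBucket/<key>`), which the bucket ARN alone does not match. The key `report.csv`, the function `is_allowed` and the narrower `s3:PutObject` policy are assumptions for illustration; conditions, bucket policies and other policy types are ignored.

```python
import re

def _glob(pattern, value, ignore_case=False):
    # IAM wildcards: '*' matches any run of characters, '?' exactly one.
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                 for c in pattern)
    return re.fullmatch(rx, value, re.I if ignore_case else 0) is not None

def _as_list(v):
    return v if isinstance(v, list) else [v]

def is_allowed(statements, action, resource):
    """Explicit Deny wins, else any matching Allow, else implicit deny."""
    allowed = False
    for st in statements:
        # Action names are case-insensitive; resource ARNs are case-sensitive.
        hit = (any(_glob(a, action, True) for a in _as_list(st["Action"]))
               and any(_glob(r, resource) for r in _as_list(st["Resource"])))
        if hit and st["Effect"] == "Deny":
            return False
        if hit and st["Effect"] == "Allow":
            allowed = True
    return allowed

BUCKET = "arn:aws:s3:::myBucket"
OBJECT = BUCKET + "/report.csv"  # constructed object key

# Policy from post #1: the bucket ARN only.
ORIGINAL = [{"Effect": "Allow", "Action": ["s3:*"], "Resource": [BUCKET]}]
# Bucket plus its objects (standard S3 object ARN pattern).
WITH_OBJECTS = [{"Effect": "Allow", "Action": ["s3:*"],
                 "Resource": [BUCKET, BUCKET + "/*"]}]
# Assumed narrower variant: only what the upload needs.
PUT_ONLY = [{"Effect": "Allow", "Action": ["s3:PutObject"],
             "Resource": [BUCKET + "/*"]}]

def report():
    checks = [("s3:PutObject", OBJECT), ("s3:DeleteObject", OBJECT),
              ("s3:ListBucket", BUCKET)]
    policies = {"original": ORIGINAL, "with_objects": WITH_OBJECTS,
                "put_only": PUT_ONLY}
    return {name: {act: is_allowed(pol, act, res) for act, res in checks}
            for name, pol in policies.items()}

if __name__ == "__main__":
    for name, row in report().items():
        print(name, row)
```
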