Setting bucket policy

I am having some trouble adding a policy to my s3 bucket. I keep getting this error

Error: The CloudFormation template is invalid: Invalid template property or properties [BucketPolicy]

Here is the policy I have

  Type: AWS::S3::BucketPolicy
      Id: Policy1590589947784
      Version: '2012-10-17'
      - Sid: getObjectFromS3
        - s3:GetObject
        Effect: Allow
        Resource: arn:aws:s3:::${self:provider.environment.S3_BUCKET}
        Principal: "*"


  1. How would I debug this, how can I tell what part of that is invalid
  2. How do I set the bucket policy to allow for pre-signed URL downloads?

I think the error is in the Resource. I believe you need to use !Sub to substitute the variable into the arn. Try: !Sub “arn:aws:s3:::${self:provider.environment.S3_BUCKET}” (There’s other syntax for this as well, but it is the most straightforward for my use)
. I am also new to serverless, but in my experience it has been difficult to debug, so I have relied heavily on the Cloudformation Docs and trial and error.

Hope this helps!

1 Like

Yup, that worked.
Thanks man :slight_smile:

1 Like