I’ve been holding off v3.6.10 waiting for a fix for the S3 multipart problem, but I just did a couple of tests now and have found another S3 problem.
Prior to v3.6.10, it was possible to create a backup job for an S3 bucket without having the
s3:ListAllMyBucketsprivilege. When an API key had no such privilege, the drop-down list of buckets was replaced by a text field.
Instead, v3.6.10 displays an error and will not allow a bucket name to be entered directly.
Error executing “ListBuckets” on “https://s3.us-west-2.amazonaws.com/”; AWS HTTP error: Client error:
GET https://s3.us-west-2.amazonaws.com/resulted in a
403 Forbiddenresponse: <?xml version=”1.0″ encoding=”UTF-8″?> <Error>
AccessDenied<Message>Access Denied</Message><RequestId>XXXXXX (truncated…) AccessDenied (client): Access Denied – <?xml version=”1.0″ encoding=”UTF-8″?> <Error>
This error goes away when
s3:ListAllMyBucketsprivilege is added to the API key’s role, but of course that’s a security problem and must not be required for a secure backup.
- The topic ‘v3.6.10 requires s3:ListAllMyBuckets’ is closed to new replies.