Home > OS >  Imagekit EACCES - Access denied by AWS S3. Check attached IAM policy on AWS
Imagekit EACCES - Access denied by AWS S3. Check attached IAM policy on AWS

Time:06-21

After I set up Imagekit connecting to S3 bucket correctly with IAM policy having the s3:GetObject to the bucket, I got an error accessing the image through Imagekit url.

The error message is EACCES - Access denied by AWS S3. Check attached IAM policy on AWS

CodePudding user response:

Imagekit actually needs more than just action s3:GetObject in the policy if your objects in the S3 buckets are server-side encrypted. It will kms:Decrypt as well. This is not in their documentation as 2022/06/16.

My IAM policy is like the following to make Imagekit access correctly.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "ImagekitObjectAccess",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::[imagekit-bucket-name]/*"
            ]
        },
        {
            "Sid": "ImagekitObjectEncryptingKeyAccess",
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt"
            ],
            "Resource": [
                "arn:aws:kms:us-east-1:187681360541:key/[object-encrypting-key-id]"
            ]
        }
    ]
}
  • Related