So I have a service that is going to delete an entity from the database. That entity includes a file document that was uploaded to AWS. When the delete entity API gets hit, the service will also run this delete-file-from-AWS method. I already defined the secret and access key in my application properties:
public void deleteFile(String fileName) {
    amazonS3.deleteObject(bucketName, fileName);
}
The error I get:
Oct 28 11:59:29 minikube-new peniti-dttot[366642]: 2023-10-28 11:59:29.366 ERROR 366642 --- [nio-8087-exec-2] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 4MNTSWM4R9MG9AZX; S3 Extended Request ID: /YPsvV5/L+tAsv2fCawNAvbIYf4VvMHkkNRfAGqY6U4DOMELHh/x2b/UXV/7ogfVC6uVQdCtCtQ=; Proxy: null), S3 Extended Request ID: /YPsvV5/L+tAsv2fCawNAvbIYf4VvMHkkNRfAGqY6U4DOMELHh/x2b/UXV/7ogfVC6uVQdCtCtQ=] with root cause
Oct 28 11:59:29 minikube-new peniti-dttot[366642]: com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 4MNTSWM4R9MG9AZX; S3 Extended Request ID: /YPsvV5/L+tAsv2fCawNAvbIYf4VvMHkkNRfAGqY6U4DOMELHh/x2b/UXV/7ogfVC6uVQdCtCtQ=; Proxy: null)
I’ll be thankful if anyone can help me 🙂
I’m expecting that the file already on AWS will get deleted when the API gets hit.
2 Answers
First of all you need to make sure the role being used has adequate S3 permissions, for example:
Next, you’ll want to be sure the bucketName which you provide is exactly what you think it is.
And finally, check that the bucket doesn’t have a resource policy which has a deny which may be blocking you.
You are using an outdated AWS S3 Java API V1 version. This is not best practice. AWS recommends that you use AWS SDK for Java V2.
Dev Guide here:
Developer Guide – AWS SDK for Java 2.x
The S3 Java API easily lets you delete objects (and perform other S3 operations) within a Spring Boot app. You can delete an object using this V2 code:
Also make sure that the creds you are using have permission to delete S3 objects. The Access Denied exception suggests there is a permission issue.
The following topic in the AWS code library walks you through creating a Spring Boot app that uses the AWS SDK for Java V2. It creates a Photo app.
Detect objects in images with Amazon Rekognition using an AWS SDK
In summary:
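Added example, not part of either answer above and not the asker's code: a small AWS SDK for Java V2 program that covers the checks both answers describe. It prints which principal the credentials resolve to, issues the delete, and on a 403 reports the exact bucket, key and request ID to compare against the IAM policy and bucket policy. The region, bucket name, object key and the use of the default credentials chain are assumptions; it needs the SDK's `s3` and `sts` modules on the classpath.

```java
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.s3.S3Client;
import software.amazon.awssdk.services.s3.model.DeleteObjectRequest;
import software.amazon.awssdk.services.s3.model.S3Exception;
import software.amazon.awssdk.services.sts.StsClient;

public class S3DeleteCheck {
    // Assumption: placeholder region; use the region of your bucket.
    private static final Region REGION = Region.US_EAST_1;

    public static void main(String[] args) {
        // Assumption: placeholder bucket and key, overridable from the command line.
        String bucket = args.length > 0 ? args[0] : "example-bucket";
        String key = args.length > 1 ? args[1] : "example/document.pdf";

        // Both clients use the default credentials provider chain (assumption).
        try (StsClient sts = StsClient.builder().region(REGION).build();
             S3Client s3 = S3Client.builder().region(REGION).build()) {

            // Check 1: confirm which user or role the credentials belong to.
            String callerArn = sts.getCallerIdentity().arn();
            System.out.println("Calling S3 as: " + callerArn);

            try {
                s3.deleteObject(DeleteObjectRequest.builder()
                        .bucket(bucket)
                        .key(key)
                        .build());
                // S3 also returns success when the key does not exist,
                // so this does not prove the object was there.
                System.out.println("Delete accepted for s3://" + bucket + "/" + key);
            } catch (S3Exception e) {
                if (e.statusCode() != 403) {
                    throw e;
                }
                // Checks 2 and 3: the exact resource that was refused.
                System.err.println("Access denied: " + e.awsErrorDetails().errorCode());
                System.err.println("  principal : " + callerArn);
                System.err.println("  needs     : s3:DeleteObject on arn:aws:s3:::"
                        + bucket + "/" + key);
                System.err.println("  request id: " + e.requestId());
                System.err.println("Verify the bucket name and look for an explicit "
                        + "Deny in the bucket policy.");
            }
        }
    }
}
```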