Bootstrap FreeKB - Amazon Web Services (AWS) - Resolve "AccessControlListNotSupported The bucket does not allow ACLs"
Amazon Web Services (AWS) - Resolve "AccessControlListNotSupported The bucket does not allow ACLs"
Updated:   |  Amazon Web Services (AWS) articles

Let's say something like this is being returned.

AccessControlListNotSupported: The bucket does not allow ACLs

 

I got this when attempting to upload a file to one of my S3 Buckets using shallwefootball/s3-upload-action.

name: GitHub Action
run-name: ${{ github.actor }}
on:
  push:
    branches:
      - main
jobs:
  github-action-job:
    runs-on: ubuntu-latest
    steps:      
      - name: Checking out the repository code . . .
        uses: actions/checkout@v4
      
      - name: upload images to S3 Bucket my-bucket-abcdefg
        uses: shallwefootball/s3-upload-action@master
        id: S3
        with:
          aws_key_id: ${{ secrets.AWS_KEY_ID }}
          aws_secret_access_key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws_bucket: my-bucket-abcdefg
          source_dir: images
          destination_dir: images

 

 The aws s3api get-bucket-acl command can be used to list an S3 Bucket Access Control List (ACL). All good there.

~]$ aws s3api get-bucket-acl --bucket my-bucket-abcdefg
{
    "Owner": {
        "DisplayName": "john.des",
        "ID": "ab0e0a12345678903a77c82240d5cb3fc41ff11cc312345678977a5f8e743743"
    },
    "Grants": [
        {
            "Grantee": {
                "DisplayName": "john.doe",
                "ID": "ab0e0a12345678903a77c82240d5cb3fc41ff11cc312345678977a5f8e743743",
                "Type": "CanonicalUser"
            },
            "Permission": "FULL_CONTROL"
        }
    ]
}

 

I then used the aws s3api get-public-access-block command and saw that the S3 Bucket had Public Access blocked.

~]$ aws s3api get-public-access-block --bucket my-bucket-abcdefg
{
    "PublicAccessBlockConfiguration": {
        "BlockPublicAcls": true,
        "IgnorePublicAcls": true,
        "BlockPublicPolicy": true,
        "RestrictPublicBuckets": true
    }
}

 

I used the aws s3api delete-public-access-block command can be used to remove the public access block.

aws s3api delete-public-access-block --bucket my-bucket-abcdefg

 

And then the aws s3api put-public-access-block command to set BlockPublicAcls=false and the others to true.

aws s3api put-public-access-block \
--bucket my-bucket-abcdefg \
--public-access-block-configuration "BlockPublicAcls=false,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"

 

And confirm BlockPublicAcls is now set to false.

]$ aws s3api get-public-access-block --bucket my-bucket-abcdefg
{
    "PublicAccessBlockConfiguration": {
        "BlockPublicAcls": false,
        "IgnorePublicAcls": true,
        "BlockPublicPolicy": true,
        "RestrictPublicBuckets": true
    }
}

 

I also had to update Object Ownership to ACLs enabled.

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 7b8e63 in the box below so that we can be sure you are a human.