I am trying to put some files in S3 bucket through my Spring Boot app using AmazonS3Client. In AWS, I created an IAM user (test_user1) and granted S3 full access rights to this user. Also in S3, I granted "s3:*" actions to this user. The same user's credentials are specified for cloud.aws.credentials.accessKey and cloud.aws.credentials.secretKey in my config files.
When I run the app from my local computer, it works fine. I am able to put multiple files in S3 bucket and view the files.
But, when the same app is run from an AWS EC2 instance, I get bellow errors at application start:
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate org.springframework.cloud.aws.core.env.stack.config.StackResourceRegistryFactoryBean]: Factory method 'stackResourceRegistryFactoryBean' threw exception; nested exception is com.amazonaws.AmazonServiceException: User: arn:aws:iam::560600000009:user/test_user1 is not authorized to perform: cloudformation:DescribeStackResources (Service: AmazonCloudFormation; Status Code: 403; Error Code: AccessDenied;
Is there something else I have to set when accessing S3 from code running in EC2 instance? I am not using Amazon Cloud Formation.
Here is how my project looks like:
build.gradle :
compile 'org.springframework.cloud:spring-cloud-aws-autoconfigure:1.0.3.RELEASE'
compile 'org.springframework.cloud:spring-cloud-aws-context:1.0.3.RELEASE'
application.yml:
bucket: test-bucket-1
cloud.aws.credentials.accessKey: AxxxxxxxxxxxxxxA
cloud.aws.credentials.secretKey: jxxxxxxxxxxxxxxR
cloud.aws.credentials.instanceProfile: true
AmazonS3Client is autowired in my service class.
@Autowired
public FileService(AmazonS3Client s3Client) {..}
Spring Cloud AWS tries to autoconfigure CloudFormation (when the app runs in EC2).
I solved this error disabling autoconf in application.properties
cloud.aws.stack.auto=false
Read this for more info http://cloud.spring.io/spring-cloud-aws/spring-cloud-aws.html#_automatic_cloudformation_configuration.