Search code examples
amazon-web-servicesamazon-s3aws-lambda

Missing required field Principal - Amazon S3 - Bucket Policy

I'm trying to resize hosted images in AWS S3 using AWS Lambda. I followed this tutorial which is given by Amazon:

Tutorial

however, when I tried to update my bucket policy it always gives an error as "Missing required field Principal"

This is my policy code:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents"
      ],
      "Resource": "arn:aws:logs:*:*:*",
    },
    {
      "Effect": "Allow",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::yyyy",
      "Principal":{"AWS":"arn:aws:iam::123456789:user/xxxxx"}     
    }
  ]
}

I couldn't understand why I'm getting the error. What am I doing wrong?

Solution

  • This is actually not an S3 bucket policy, but a policy document that grants permissions to your Lambda function to write logs to CloudWatch and put the objects to your S3 bucket.

    Please see how to set up that: https://www.screencast.com/t/SjD72va1Zso