Posted On: Aug 21, 2024
Amazon S3 now includes additional context in HTTP 403 Access Denied errors for requests made to resources within the same Amazon Web Services account. This new context includes the type of policy that denied access, the reason for denial, and information on the Amazon IAM user or role that requested access to the resource. This context helps you to troubleshoot access issues, identify the root cause of access denied errors, and fix incorrect access controls by updating the relevant policies. This additional context is also available in Amazon CloudTrail logs.
Enhanced access denied error messages are rolling out in the coming weeks in all Amazon Web Services Regions, including the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more about how to troubleshoot Access Denied errors in Amazon S3, visit the S3 User Guide and the Amazon IAM Troubleshooting documentation.