
I am trying to upload an object to S3 from aws-sdk-js, but cannot figure out the policies for my case. I want to allow only one user to have upload access, and public read access.

Here is my S3 bucket policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadForGetBucketObjects",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::some-bucket/*"
        },
        {
            "Sid": "",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::1111111111111:user/some-bucket-user"
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::some-bucket/*"
        }
    ]
}

And my IAM policy is:

{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"AddPerm",
      "Effect":"Allow",
      "Action":"s3:*",
      "Resource":["arn:aws:s3:::some-bucket/*"]
    }
  ]
}

Can someone please point out what I am doing wrong here?

Farhan Salam

2 Answers


To do this you don't have to deal with bucket policies at all. Bucket policies are used for allowing services to access your S3 database - not users.

To allow a user to access your S3 database add it under Permissions/Access Control List (this is next to "bucket policy") with the wanted permissions.

If it absolutely must be done via bucket policy this link covers it all: http://docs.aws.amazon.com/AmazonS3/latest/dev/s3-bucket-user-policy-specifying-principal-intro.html

HerSta
  • I am using a `private` ACL, and in JS what I do is simply add the key/secret of the created user in `aws.config.update({})`. This whole thing works if I do `Principal: {AWS: *}` because it gives permissions to all users. – Farhan Salam Aug 03 '17 at 08:56
  • oh, in that case this link should cover it all: http://docs.aws.amazon.com/AmazonS3/latest/dev/s3-bucket-user-policy-specifying-principal-intro.html – HerSta Aug 03 '17 at 10:12

My bad, I was not initialising AWS.S3 correctly and it was using the user/role of the EC2 instance and not the one I was assigning.

Farhan Salam
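The following is an added example, not code from the question, the answers or AWS. It is a deliberately simplified model of how IAM decides a same-account S3 request given the bucket policy and the user policy posted in the question, and it is meant to show two things at once: why `Principal: {"AWS": "*"}` lets every caller through while the user ARN only matches that one user, and why the self-answer's situation (the SDK silently using the EC2 instance role instead of the intended user) ends in a denied upload. The model ignores `Condition`, `NotAction`/`NotResource`, service control policies, ACLs and cross-account rules, so it is a reasoning aid, not a substitute for the IAM policy simulator. The object key, the instance role ARN and its lack of S3 permissions are constructed for the example. The 13-digit account ID is copied as-is from the question; real AWS account IDs are 12 digits, so that ARN would never match an actual caller.

```javascript
// Added example (not from the question, not AWS code): a simplified model of
// how IAM evaluates an S3 request against a bucket policy plus the caller's
// identity-based policy. Ignores Condition, NotAction/NotResource, SCPs, ACLs
// and cross-account rules.

// Bucket policy as posted in the question. Note the 13-digit account ID:
// real AWS account IDs are 12 digits, so this principal would never match.
const BUCKET_POLICY = {
  Version: "2012-10-17",
  Statement: [
    {
      Sid: "PublicReadForGetBucketObjects",
      Effect: "Allow",
      Principal: { AWS: "*" },
      Action: "s3:GetObject",
      Resource: "arn:aws:s3:::some-bucket/*",
    },
    {
      Sid: "",
      Effect: "Allow",
      Principal: { AWS: "arn:aws:iam::1111111111111:user/some-bucket-user" },
      Action: "s3:*",
      Resource: "arn:aws:s3:::some-bucket/*",
    },
  ],
};

// Identity-based policy attached to some-bucket-user, as posted.
const USER_POLICY = {
  Version: "2012-10-17",
  Statement: [
    { Sid: "AddPerm", Effect: "Allow", Action: "s3:*", Resource: ["arn:aws:s3:::some-bucket/*"] },
  ],
};

const USER_ARN = "arn:aws:iam::1111111111111:user/some-bucket-user";
// Constructed: an EC2 instance role with no S3 permissions of its own, standing
// in for the credentials the SDK picked up from instance metadata.
const INSTANCE_ROLE_ARN = "arn:aws:iam::1111111111111:role/ec2-instance-role";

// IAM patterns use * (any run of characters) and ? (one character). Action
// matching is case-insensitive, hence the i flag.
function patternToRegExp(pattern) {
  const escaped = pattern
    .replace(/[.+^${}()|[\]\\]/g, "\\$&")
    .replace(/\*/g, ".*")
    .replace(/\?/g, ".");
  return new RegExp("^" + escaped + "$", "i");
}

function matchesAny(patterns, value) {
  return [].concat(patterns).some((p) => patternToRegExp(p).test(value));
}

// Bucket-policy Principal: "*" or {AWS: "*"} covers everyone, including
// anonymous callers; otherwise the caller ARN must match exactly.
function principalMatches(principal, callerArn) {
  if (principal === "*") return true;
  return [].concat(principal.AWS || []).some((p) => p === "*" || p === callerArn);
}

function statementMatches(stmt, req, isResourcePolicy) {
  if (isResourcePolicy && !principalMatches(stmt.Principal, req.callerArn)) return false;
  return matchesAny(stmt.Action, req.action) && matchesAny(stmt.Resource, req.resource);
}

// Same-account evaluation: an explicit Deny anywhere wins; otherwise an Allow
// in either the bucket policy or the caller's identity policy grants the
// request; with neither, the result is the implicit deny. identityPolicy is
// null for an anonymous caller.
function evaluate(req, bucketPolicy, identityPolicy) {
  const effects = bucketPolicy.Statement
    .filter((s) => statementMatches(s, req, true))
    .map((s) => s.Effect);
  if (identityPolicy) {
    effects.push(...identityPolicy.Statement
      .filter((s) => statementMatches(s, req, false))
      .map((s) => s.Effect));
  }
  if (effects.includes("Deny")) return "Deny";
  return effects.includes("Allow") ? "Allow" : "Deny";
}

const OBJECT = "arn:aws:s3:::some-bucket/photo.jpg"; // constructed object key
const BUCKET = "arn:aws:s3:::some-bucket";

// Scenarios worth checking before blaming the policies.
function runScenarios() {
  return {
    anonymousRead: evaluate({ callerArn: null, action: "s3:GetObject", resource: OBJECT }, BUCKET_POLICY, null),
    anonymousWrite: evaluate({ callerArn: null, action: "s3:PutObject", resource: OBJECT }, BUCKET_POLICY, null),
    userWrite: evaluate({ callerArn: USER_ARN, action: "s3:PutObject", resource: OBJECT }, BUCKET_POLICY, USER_POLICY),
    // Neither policy names the bucket ARN itself, so bucket-level calls fail.
    userList: evaluate({ callerArn: USER_ARN, action: "s3:ListBucket", resource: BUCKET }, BUCKET_POLICY, USER_POLICY),
    // The self-answer's failure mode: the request arrived as the instance role.
    instanceRoleWrite: evaluate({ callerArn: INSTANCE_ROLE_ARN, action: "s3:PutObject", resource: OBJECT }, BUCKET_POLICY, null),
  };
}

console.log(runScenarios());
```

Two practical points fall out of the scenarios. First, both policies only cover `arn:aws:s3:::some-bucket/*`, so object operations work but bucket-level calls such as `s3:ListBucket` (resource `arn:aws:s3:::some-bucket`) are implicitly denied; add the bucket ARN to `Resource` if listing is needed. Second, the model does not decide which principal a request arrives as; that is fixed by the credentials the client was built with, which is exactly what went wrong in the self-answer. If there is any doubt about the provider chain on an EC2 host, pass the user's credentials explicitly to the client constructor rather than relying on global configuration, and confirm the identity with `aws sts get-caller-identity` using the same credentials.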