1. Try removing the defaultLocation param
2. In my last project awsSecretKey ended up in forward slash – ‘/’.
- I removed the defaultLocation param. No change.
- I verified my awsSecretKey -- no slash. Is there an issue if a slash is present, or is the trailing slash just something users may be likely to leave out if they aren't careful?
I successfully used Amazon's REST API, which worked fine without any credentials:
<cfhttp url="http://osric-com.s3.amazonaws.com/alpha.txt" result="result">
Seems odd that the latter would work but not the former.
In the stack trace, this message appears:
Caused by: org.jets3t.service.S3ServiceException: S3 Error Message. GET '/' on Host 's3.amazonaws.com' @ 'Fri, 07 Jun 2013 17:10:46 GMT' -- ResponseCode: 403, ResponseStatus: Forbidden, XML Error Message: <?xml version="1.0" encoding="UTF-8"?><Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>XXXXXXXXXXXXXXXXX</RequestId><HostId>XXXXXXXXXXXXXXXXXXXXXXXXX XXXXX</HostId></Error>
I'm not sure why it is requesting '/' on s3.amazonaws.com, unless that is a preliminary step to requesting the specified file from the specified bucket.
Sorry; can't help you. Just wanted to say we're experiencing what appears to be the same issue.
Here's the setup: CF 10,0,12,286680, Windows 2008 R2, IIS 7.5
In our case, the issue is complicated by the fact that we have another application on the same server that is reading/writing from Amazon without issue. Their setups are virtually identical; basically only the names are different.
In the problematic application, no matter what changes we make, we get the error: "The AWS Access Key Id you provided does not exist in our records."
The key is definitely correct; it works when entered into the other application and when manually appended before the bucket name (i.e. s3://myID:myKey@myBucket/).
It looks like that's going to be our solution; updating the app to include the s3 credentials in the cffile read/write actions.
For the record, we tried restarting CF/IIS, renaming the application, writing to a different bucket, and creating a new bucket with completely open read/write permissions.
I expect the IAM user you are using doesn't have the correct set of S3 permissions.
In our case we've ruled that out as being the issue.
As I mentioned, the IAM user can read/write from the S3 bucket without issue when the credentials are manually appended to the bucket name. It appears that, for whatever reason, CF is not properly including the S3 credentials that we are defining in the application when file/directory actions are called.
Did you try restarting CF between tests ? I've seen it cache the security associated with an IAM user, even after it's changed in teh AWS console.
We tried restarting CF/IIS, flushing caches, renaming the application, writing to a different bucket, and creating a new bucket with completely open read/write permissions.
Wow ! That does sound like everything !
I had the same problem and I think it has to do with the app name (THIS.name) but I'm not sure why. I tried a bunch of different names, some threw the error, some did not. THIS.name = 'test' produced the error but THIS.name = 'fred' didn't. Hopefully someone can take a peak under CF's hood and figure out what's going on.