You may find permission issue while configuring your s3 event notification to publish a message to an SNS topic.
What’s the Issue?
AWS s3 event configuration results an error while setting up the s3 event configuration to publish a message to an SNS topic
Unable to validate the following destination configuration : Permission on the destination topic do not allow s3 to publish notification from this bucket
How to Fix?
In order to fix the issue, you need to update your SNS topic policy to allow s3 to publish a message to this topic.
1. Sign in to AWS Console (link) and open SNS Service
2. Select Your Topic and Click on Edit
3. Click on Access Policy (Optional)
4. Update your Policy with below SNS Topic policy and Save it
{
"Id": "s3EventSNS",
"Version": "2012-10-17",
"Statement": [
{
"Sid": "s3EventSNSNotification",
"Action": [
"sns:Publish"
],
"Effect": "Allow",
"Resource": "<YourTopicARN>",
"Condition": {
"ArnLike": {
"aws:SourceArn": "<Yours3BucketARN>"
}
},
"Principal": "*"
}
]
}
5. Go to s3 Service and Save the Event Configuration for your Bucket
6. Upload an Object in s3 Bucket and Verify if the event configuration is able to publish the message to SNS topic or Not
As we observed, the message is successfully published to the SNS Topic.
Please comment below for any questions related to this article.
Whether it will notify only the Key to the SNS topic or the object (data) itself can be published to the SNS topic using the Event Notifications.
I am having the same issue with SQS instead of SNS. Does this still apply?
You need to update the SQS policy to allow s3 to publish the message
I think it will only publish the message to the topic.
This worked for me.. thank you!
It worked!