Opened 5 weeks ago

Last modified 5 weeks ago

#12029 new Bug report

Unable to connect to S3 bucket which has conditional perms

Reported by: hkrok Owned by:
Priority: normal Component: FileZilla Client
Keywords: Cc:
Component version: 3.45.2 Operating system type: Windows
Operating system version: Windows 10

Description

FileZilla Pro is unable to connect to AWS S3 buckets that have conditional ListBucket permissions. The result is a 400 Bad Request.

I have a S3 bucket on which the ListBucket permission for my user is conditional with a string prefix, e.g.:
{

"Effect": "Allow",

"Action": [

"s3:ListBucket"

],

"Resource": "arn:aws:s3:::my-bucket",

"Condition": {

"StringLike": {

"s3:prefix": [

"",

"/",

"mysubdir",

"mysubdir/"

etc.

The policy means that the user is only able to browse the top level of the bucket and the mysubdir folder, but not any of the other folders in there. The policy is confirmed as working, via the AWS CLI, AWS console and other 3rd party apps like "S3 Browser", "Cyberduck", etc.

When FileZilla Pro tries to connect to a bucket like this the result is:
Response: HTTP/1.1 400 Bad Request
and
Error: Failed to retrieve directory listing

I tried adding a remote directory in the connection config (eg /my-bucket/mysubdir) but that didnt help.

Please help!

Change History (1)

comment:1 Changed 5 weeks ago by hkrok

The same thing happens on the latest MAC version too btw.

Note: See TracTickets for help on using tickets.