starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 13:26:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #1250] Amazon S3 Block Public Access #668

New issue
Closed
opened 2026-03-04 01:47:43 +03:00 by kerem · 2 comments
kerem commented 2026-03-04 01:47:43 +03:00
Owner
Copy link

Originally created by @luxor99 on GitHub (Mar 8, 2020).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1250

Additional Information

The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all.
Keep in mind that the commands we provide to retrieve information are oriented to GNU/Linux Distributions, so you could need to use others if you use s3fs on macOS or BSD

Version of s3fs being used (s3fs --version)

v .1.86

Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse)

2.94

Kernel information (uname -r)

4.14.165-103.209.amzn1.x86_64

GNU/Linux Distribution, if applicable (cat /etc/os-release)

mazon Linux AMI 2018.03

s3fs command line used, if applicable

/etc/fstab entry, if applicable

s3fs#mybucket /mnt/point fuse _netdev,use_path_request_style,allow_other,default_acl=public-read,uid=48,gid=48,nonempty,use_sse 0 0

#### s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs)
_if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_

AWS S3 has a new feature where you can "Block Public Access" on a bucket or account (https://aws.amazon.com/s3/features/block-public-access/).  When I turn on this feature, I can't seem to write or perform operations anymore within folders the mounted filesystem. As soon as I turn off this feature to make the bucket Public again, everything works fine.  Is there any other parameter I need to put in when I mount this bucket so that I can get unrestricted access through s3fuse even when the bucket is set to "Block Public Access"
Originally created by @luxor99 on GitHub (Mar 8, 2020). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/1250 ### Additional Information _The following information is very important in order to help us to help you. Omission of the following details may delay your support request or receive no attention at all._ _Keep in mind that the commands we provide to retrieve information are oriented to GNU/Linux Distributions, so you could need to use others if you use s3fs on macOS or BSD_ #### Version of s3fs being used (s3fs --version) v .1.86 #### Version of fuse being used (pkg-config --modversion fuse, rpm -qi fuse, dpkg -s fuse) 2.94 #### Kernel information (uname -r) 4.14.165-103.209.amzn1.x86_64 #### GNU/Linux Distribution, if applicable (cat /etc/os-release) mazon Linux AMI 2018.03 #### s3fs command line used, if applicable ``` ``` #### /etc/fstab entry, if applicable s3fs#mybucket /mnt/point fuse _netdev,use_path_request_style,allow_other,default_acl=public-read,uid=48,gid=48,nonempty,use_sse 0 0 ``` #### s3fs syslog messages (grep s3fs /var/log/syslog, journalctl | grep s3fs, or s3fs outputs) _if you execute s3fs with dbglevel, curldbg option, you can get detail debug messages_ ``` ``` AWS S3 has a new feature where you can "Block Public Access" on a bucket or account (https://aws.amazon.com/s3/features/block-public-access/). When I turn on this feature, I can't seem to write or perform operations anymore within folders the mounted filesystem. As soon as I turn off this feature to make the bucket Public again, everything works fine. Is there any other parameter I need to put in when I mount this bucket so that I can get unrestricted access through s3fuse even when the bucket is set to "Block Public Access"
kerem closed this issue 2026-03-04 01:47:43 +03:00
kerem commented 2026-03-04 01:47:44 +03:00
Author
Owner
Copy link

@sqlbot commented on GitHub (Mar 9, 2020):

default_acl=public-read would make any object created by s3fs publicly accessible.

If that is what you want, then you can't block public access on the bucket -- those two things are mutually incompatible.

Otherwise, you'll want to remove this option from s3fs or set default_acl=private instead... although, strictly speaking, that would be a no-op and unnecesary, since S3 itself defaults to that setting.

<!-- gh-comment-id:596269044 --> @sqlbot commented on GitHub (Mar 9, 2020): `default_acl=public-read` would make any object created by s3fs publicly accessible. If that is what you want, then you can't block public access on the bucket -- those two things are mutually incompatible. Otherwise, you'll want to remove this option from s3fs or set `default_acl=private` instead... although, strictly speaking, that would be a no-op and unnecesary, since S3 itself defaults to that setting.
kerem commented 2026-03-04 01:47:44 +03:00
Author
Owner
Copy link

@luxor99 commented on GitHub (Mar 9, 2020):

Yes that was it, thanks!

<!-- gh-comment-id:596317588 --> @luxor99 commented on GitHub (Mar 9, 2020): Yes that was it, thanks!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#668
No description provided.