so has anybody been able to get Identity and Access Management ( IAM ) accounts to work with s3cmd? i have used s3cmd allot with my s3 account but i would like to had off some management to another user. so i created one in IAM. that user is able to upload content using other tools but i can not seem to get s3cmd to work for them, i always get access denied when i run s3cmd -configure and enter the IAM user credentials.
I got some excellent help on the mailing list so i thought i would document what i had to do to make IAM work. for what ever reason you need to give your IAM user full access to everything to begin with. something like this…
then dos 3cmd -configure
then reset your policies on that user to restrict thier access down to what you want. i my case i did a group policy to just list all buckets and have full access to a couple of those buckets. this use of IAM made be feel better about using this app on a server without leaving my root credentials in the .ini file. ill leave more notes here