:The "You are forbidden to list buckets" error appears when you log on to ossbrowser using the AccessKey

Challenge

You can use the OSS graphical management tool ossbrowser to quickly perform operations on buckets and objects. After the ossbrowser tool is installed, when the RAM user uses the AccessKey to log on to ossbrowser, the "AccessDenied:You are forbidden to list buckets" error appears.

Cause

The RAM user that is used to log on does not have the permissions to access the bucket.

Modification method

An error occurs when you use a RAM account to log on to ossbrowser. For more information, see the following operations to resolve this issue:

• If the RAM sub-account that you use to log on to does not have the bucket access permission, perform the authorization based on your actual needs and then log on again. For more authorization management methods, see Permission management.
  • For more information about how to authorize a RAM user to access specified resources, see Cross-account access to OSS based on bucket policies.
  • Authorize a RAM sub-account to access all buckets: You can use your Alibaba Cloud account to log on to the RAM console, create an administrator sub-account, and grant the following permissions to the account. For more information about how to grant permissions to a RAM user, see Grant permissions to a RAM user.
    

    Note: Before logging on with a RAM sub-account, you need to configure permissions on AliyunOSSFullAccess, AliyunRAMFullAccess, and AliyunSTSAssumeRoleAccess for the RAM sub-account.

• If the RAM user that you use to log on to has access to only some buckets or some objects, add the access path to the Preset OSS Path and select the Region where the bucket resides. For more information, see Install and log on to ossbrowser.

  Note: The default OSS path format is oss://[$Bucketname]/[$Path], where [$Bucketname] is the bucket name and [$Path] is the folder under the bucket. For example, if you authorize access to a file or a subfolder under the examplefolder in the bucket examplebucket, enter the oss://examplebucket/examplefolder/.

References

• Troubleshoot common errors related to OSS permissions
• How to troubleshoot 403 status code when you access OSS
• Open private OSS bucket back-to-origin access to Alibaba Cloud Content Delivery Network accelerated domain name prompt "You are forbidden to list buckets" error

Applicable scope

• Object Storage Service (OSS)