S3/IAM User - Initiate restore from S3

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

Post Flair (click to view more posts with a particular flair)

technical question

Post Body

I have an AWS sandbox with an s3 bucket. As a test, a few objects are in Glacier.

I have a user with full S3 access and IAM creds for testing. The user's s3 permissions are basically S3:*. And my understanding (based on the below documentation) is the user should need s3:restore:

https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html

But even a user with full S3:* permissions cannot restore S3 objects with Storage Class 'glacier'? That doesn't make sense.

Edit:

For now, I'm testing using a tool called S3 Browser. And I want my user to restore and download a file from s3 (see link below).

https://imgur.com/a/X5Lx1Dv

The storage class is glacier, and s3 browser does allow me to initiate a restore. But the file stays in state 'glacier'. And I'm not sure what permissions I need to allow a user to download this file.

Edit 2: Edited for clarity.

Author

Account Strength

100%

Account Age

12 years

Verified Email

Yes

Verified Flair

Total Karma

34,349

Link Karma

3,057

Comment Karma

31,179

Profile updated: 5 days ago

Posts updated: 1 year ago

acebossrhino

Subreddit

r/aws

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.

Posted: 4 years ago
Reddit URL: View post on reddit.com
External URL: reddit.com/r/aws/comment...