Why am I getting the error "Invalid principal in policy" when I try to update my Amazon S3 bucket policy?

Last updated: 2020-05-29

I'm trying to add or edit the bucket policy of my Amazon Simple Storage Service (Amazon S3) bucket using the console. However, I'm getting the error message "Error: Invalid principal in policy." How can I fix this?

Resolution

You receive "Error: Invalid principal in policy" when the value of a Principal in your bucket policy is invalid. To fix this error, review the Principal elements in your bucket policy. Check that they're using one of these supported values:

Additionally, review the Principal elements in the policy and check that they're formatted correctly. If the Principal is one user, the element must be in this format:

"Principal": {
    "AWS": "arn:aws:iam::111111111111:user/user-name1"
}

If the Principal is more than one user but not all users, the element must be in this format:

"Principal": {
    "AWS": [
        "arn:aws:iam::111111111111:user/user-name1",
        "arn:aws:iam::111111111111:user/user-name2"
    ]
}

If the Principal is all users, the element must be in this format:

{
  "Principal": "*"
}

If you find invalid Principal values, you must correct them so that you can save changes to your bucket policy.
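
To find the offending statement before you paste a policy into the console, you can run a local format check over every Principal element. The following is an added example, not AWS code. It covers only the three formats shown above (one IAM user, several IAM users, or "*") and assumes every statement uses Principal. The bucket name example-bucket, the statement IDs and the ARN pattern are constructed for illustration. It checks format only, not whether the user exists.

```python
import json
import re

# Assumption: user ARN shape taken from the examples above (12-digit account ID, user/name).
USER_ARN = re.compile(r"^arn:aws:iam::\d{12}:user/[\w+=,.@/-]+$")

def check_principal(principal):
    """Return a list of format problems; an empty list means well-formed."""
    if principal == "*":                      # all users
        return []
    if isinstance(principal, str):
        return [f'bare string {principal!r}: only "*" may be a bare string']
    if not isinstance(principal, dict) or "AWS" not in principal:
        return ['expected "*" or an object with an "AWS" key']
    value = principal["AWS"]
    arns = value if isinstance(value, list) else [value]   # one user or several
    if not arns:
        return ['"AWS" list is empty']
    return [f"not an IAM user ARN in the expected format: {a!r}"
            for a in arns if not (isinstance(a, str) and USER_ARN.match(a))]

def check_policy(policy_json):
    """Map a statement label (Sid or index) to its Principal problems."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):          # a single statement object is allowed
        statements = [statements]
    report = {}
    for i, stmt in enumerate(statements):
        problems = check_principal(stmt.get("Principal"))
        if problems:
            report[stmt.get("Sid", f"Statement[{i}]")] = problems
    return report

# Constructed sample policy; _stmt is a hypothetical helper used only to build it.
def _stmt(sid, principal):
    return {"Sid": sid, "Effect": "Allow", "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::example-bucket/*", "Principal": principal}

U1 = "arn:aws:iam::111111111111:user/user-name1"
SAMPLE = json.dumps({"Version": "2012-10-17", "Statement": [
    _stmt("OneUser", {"AWS": U1}),
    _stmt("TwoUsers", {"AWS": [U1, "arn:aws:iam:111111111111:user/user-name2"]}),  # one colon missing
    _stmt("BareArn", U1),                     # ARN not wrapped in {"AWS": ...}
    _stmt("Everyone", "*"),
]})

if __name__ == "__main__":
    for label, problems in check_policy(SAMPLE).items():
        print(label, problems)
```

Statements that pass this check and use "Principal": "*" apply to all users, so review them separately for intent.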

