The file system is unable to handle S3 requests Access Denied with default S3 access point permissions for automatically created service roles

Troubleshooting S3 access point issues

This section describes symptoms, causes, and resolutions for when you encounter issues accessing your FSx data from S3 access points.

The file system is unable to handle S3 requests

If the S3 request volume for a particular workload exceeds the file system’s capacity to handle the traffic, you may experience S3 request errors (for example, Internal Server Error, 503 Slow Down, and Service Unavailable). You can proactively monitor and alarm on the performance of your file system using Amazon CloudWatch metrics (for example, Network throughput utilization and CPU utilization). If you observe degraded performance, you can resolve this issue by increasing the file system's throughput capacity.

Access Denied with default S3 access point permissions for automatically created service roles

Some S3-integrated AWS services will create a custom service role and customize the attached permissions to your specific usecase. When specifying your S3 access point alias as the S3 resource, those attached permissions may include your access point using a bucket ARN format (for example, arn:aws:s3:::my-fsx-ap-foo7detztxouyjpwtu8krroppxytruse1a-ext-s3alias) rather than the access point ARN format (for example, arn:aws:s3:us-east-1:1234567890:accesspoint/my-fsx-ap). To resolve this, modify the policy to use the ARN of the access point.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Delete a file

Accessing data from other AWS services