MalformedPolicy
aws
config_error
ai_generated
true
An error occurred (MalformedPolicy) when calling the PutBucketPolicy operation: Policy has a length of X but the maximum length is 20480.
ID: aws/s3-bucket-policy-too-large
Fix Rate: 85%
Confidence: 88%
Evidence: 1
First Seen: 2024-03-15
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| aws-sdk-v2 | active | — | — | — |
| aws-cli/2.17.0 | active | — | — | — |
| boto3-1.34.0 | active | — | — | — |
Root Cause
S3 bucket policy exceeds the 20 KB size limit, including whitespace and JSON formatting.
Official Documentation
https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html
Workarounds
- 90% success: Minify the policy JSON using a tool like `jq -c` and retry: `aws s3api put-bucket-policy --bucket my-bucket --policy "$(jq -c . policy.json)"`
- 75% success: Split the policy into multiple smaller policies attached to different resources (e.g., IAM roles) instead of one bucket policy.
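An added example (not part of the original entry and not AWS tooling) that checks offline which workaround applies: it measures a policy as written and minified against the 20480 limit from the error message, and ranks statements by size as candidates to move into IAM role policies. The function names, the sample ARNs and account ID, and the choice to measure length in UTF-8 bytes are assumptions made for illustration.

```python
import json

MAX_POLICY_LEN = 20480  # limit quoted in the MalformedPolicy error message

def compact(obj):
    """Serialize with no insignificant whitespace, like `jq -c`."""
    return json.dumps(obj, separators=(",", ":"), ensure_ascii=False)

def size(text):
    # Assumption: the limit is measured on the UTF-8 encoded document.
    return len(text.encode("utf-8"))

def policy_size_report(policy_text):
    """Compare a bucket policy's size as written and minified against the limit."""
    doc = json.loads(policy_text)
    statements = doc.get("Statement", [])
    if isinstance(statements, dict):  # tolerate a single statement given as a bare object
        statements = [statements]
    per_statement = sorted(
        ((s.get("Sid", f"#{i}"), size(compact(s))) for i, s in enumerate(statements)),
        key=lambda item: item[1], reverse=True)
    raw_len, min_len = size(policy_text), size(compact(doc))
    return {
        "raw_len": raw_len,
        "minified_len": min_len,
        "fits_as_written": raw_len <= MAX_POLICY_LEN,
        "fits_minified": min_len <= MAX_POLICY_LEN,
        # Biggest statements first: candidates to move into IAM role policies.
        "largest_statements": per_statement[:3],
    }

def build_sample_policy(n):
    """Constructed sample: n single-principal statements, pretty-printed."""
    statements = [{
        "Sid": f"TeamRead{i}",
        "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::111122223333:role/team-{i:03d}"},
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::my-bucket/*",
    } for i in range(n)]
    return json.dumps({"Version": "2012-10-17", "Statement": statements}, indent=4)

if __name__ == "__main__":
    for n in (100, 150):
        print(n, policy_size_report(build_sample_policy(n)))
```

When `fits_minified` is true, minifying alone is enough; when it is false, the policy has to be split, and `largest_statements` shows where the bytes are.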
Dead Ends
Common approaches that don't work:
- 60% fail: Removing comments from JSON doesn't reduce size enough; comments aren't allowed in JSON policies anyway.
- 40% fail: Using a shorter bucket name doesn't significantly reduce policy size; the issue is the policy body.