# An error occurred (MalformedPolicy) when calling the PutBucketPolicy operation: Policy has a length of X but the maximum length is 20480.

- **ID:** `aws/s3-bucket-policy-too-large`
- **Domain:** aws
- **Category:** config_error
- **Error Code:** `MalformedPolicy`
- **Verification:** ai_generated
- **Fix Rate:** 85%

## Root Cause

The S3 bucket policy exceeds the 20 KB (20,480-byte) size limit. Whitespace and JSON formatting count toward that size.

## Version Compatibility

| Version | Status | Introduced | Deprecated |
|---------|--------|------------|------------|
| aws-sdk-v2 | active | — | — |
| aws-cli/2.17.0 | active | — | — |
| boto3-1.34.0 | active | — | — |

## Workarounds

1. **Minify the policy JSON using a tool like `jq -c` and retry.** (90% success)
   ```
   aws s3api put-bucket-policy --bucket my-bucket --policy "$(jq -c . policy.json)"
   ```
2. **Split the policy into multiple smaller policies attached to different resources (e.g., IAM roles) instead of one bucket policy.** (75% success)
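
An added pre-flight check, not part of the original entry: it measures a policy document against the 20480-byte limit from the error message, before and after minification, and lists the largest statements so you can see what to move elsewhere when minifying is not enough. The sample policy, account ID, role names and helper names are constructed for illustration.

```python
import json

MAX_POLICY_BYTES = 20480  # limit quoted in the MalformedPolicy message above

def compact(obj):
    # Serialize without insignificant whitespace, as `jq -c` does.
    return json.dumps(obj, separators=(",", ":"), ensure_ascii=False)

def size_report(policy_text):
    """Measure a policy document before sending it to PutBucketPolicy."""
    policy = json.loads(policy_text)
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # a single statement may be a bare object
        statements = [statements]
    per_statement = sorted(
        ((len(compact(s).encode("utf-8")), s.get("Sid", f"#{i}"))
         for i, s in enumerate(statements)),
        reverse=True,
    )
    minified = len(compact(policy).encode("utf-8"))
    return {
        "raw_bytes": len(policy_text.encode("utf-8")),
        "minified_bytes": minified,
        "fits_after_minify": minified <= MAX_POLICY_BYTES,
        "largest_statements": per_statement[:3],
    }

def build_sample(n):
    # Constructed sample: n per-team read grants plus one wider audit grant.
    stmts = [{
        "Sid": f"Team{i:03d}", "Effect": "Allow",
        "Principal": {"AWS": f"arn:aws:iam::111122223333:role/team-{i:03d}"},
        "Action": "s3:GetObject",
        "Resource": f"arn:aws:s3:::my-bucket/team-{i:03d}/*",
    } for i in range(n)]
    stmts.append({
        "Sid": "AuditRead", "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/audit"},
        "Action": ["s3:GetObject", "s3:GetObjectVersion", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::my-bucket", "arn:aws:s3:::my-bucket/*"],
    })
    return json.dumps({"Version": "2012-10-17", "Statement": stmts}, indent=4)

if __name__ == "__main__":
    for n in (100, 200):
        print(n, size_report(build_sample(n)))
```

With 100 team statements the pretty-printed file is over the limit but the minified form fits (workaround 1); with 200 it does not fit even minified, which is the case workaround 2 addresses.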

## Dead Ends

- Removing comments from JSON doesn't reduce size enough; comments aren't allowed in JSON policies anyway. (60% fail)
- Using a shorter bucket name doesn't significantly reduce policy size; the issue is the policy body. (40% fail)
