Fixing “An error occurred (AccessDenied) when calling the CreateMultipartUpload operation: Access Denied”
When moving a file using the AWS cli - i.e.:
aws s3 mv s3://bucket-name/file-key-existing s3://bucket-name/file-key-new
I was getting back an access denied error. I thought I had all of the permissions in my policy set correctly, but it turned out that because the file I was trying to move had a tag, I additionally needed these tagging-related actions:
"s3:GetObjectTagging",
"s3:PutObjectTagging",
When the mv command is run, the tags are sent in the request, and without the permission to set them, you will get an access denied error. I needed to view the actual request details to debug this as the error message is cryptic:
aws --debug s3 mv s3://bucket-name/file-key-existing s3://bucket-name/file-key-new