Bucket does not exist

jens.floeter · February 14, 2024, 5:23pm

Hi all,
I try to use “batch” in Request Builder and followed all the cascading guides to set up a bucket at Creodias cloudferro. I updated the policy and the response is:

result = s3.get_bucket_policy(Bucket=bucket_name)
pprint(result[“Policy”])
('{“Version”: “2012-10-17”, “Statement”: [{“Sid”: “Sentinel Hub permissions”, ’
'“Effect”: “Allow”, “Principal”: {“AWS”: ’
‘“arn:aws:iam::ddf4c98b5e6647f0a246f0624c8341d9:root”}, “Action”: [“s3:"], ’
'“Resource”: [“arn:aws:s3:::JensContainer2”, ’
'"arn:aws:s3:::JensContainer2/”]}]}’)

But in Request Builder i get this error “Bucket does not exist”.

Does this mean, that the connection to the cloud is okay ?

What could be the most likely next thing to check ?

Best wishes!
Jens

william.ray · February 15, 2024, 8:36am

Hi Jens,

This is a forum specifically for Sentinel Hub APIs. Since you’re using the Copernicus Data Space Ecosystem end point for Sentinel Hub, please create a ticket on the Copernicus Data Space Ecosystem community forum, so your question will benefit other Copernicus Data Space Ecosystem users. Thank you!

jens.floeter · February 15, 2024, 9:10am

Hi William,
sorry, i thought this error message came from the Sentinel Hub API.
So, thanks heaps for the link - i will post it there.
best wishes !
Jens

william.ray · February 15, 2024, 9:22am

Yes, Sentinel Hub APIs are deployed on Copernicus Data Space Ecosystem too. We encourage users to use the community forum there when using Sentinel Hub APIs in the Copernicus Data Space Ecosystem.

gmilcinski · February 15, 2024, 9:23am

Jens, are you really using CDSE end-point?
I think you are using creodias.sentinel-hub.com, right? If so, this is the right forum.

jens.floeter · February 15, 2024, 9:42am

Hi Grega,
yes, the s3 bucket is hosted on creodias.
And i am logged in at Copernicus Data Space Ecosystem (can access jupiter notebooks etc) but i am not allowed to post in the forum, because it says i need to log in …and then there is no log-in possibility…?!

At Creodia I have generated EC2 credentials … and an OauthClient but how do I use them in Sentinel-Hub batch ?

Best wishes!
Jens

william.ray · February 15, 2024, 9:51am

Hi Jens,

As you are having issues with logging in to the community forum, let’s solve the problem here. I am assuming that the instructions you followed are located here.

The first thing I’d like you to check is the region that your S3 bucket is located in. You can check this by visiting this link. You will need to login using your Copernicus Data Space Ecosystem credentials.

Here you can check the region that your S3 bucket is located in. Sentinel Hub services only support WAW3-1 currently, so if your bucket is located in WAW3-2 then this will be the reason why you have returned the “Bucket does not exist” error message.

gmilcinski · February 15, 2024, 10:04am

Jens, can you please confirm, which Batch Processing end-point you are trying to use?
Sentinel Hub ones or CDSE one (https://sh.dataspace.copernicus.eu/api/v1/batch)

jens.floeter · February 15, 2024, 10:08am

looks like a hit…there is no region at all…

jens.floeter · February 15, 2024, 10:11am

I assume i am trying to use Sentinel Hub with creo

jens.floeter · February 15, 2024, 10:14am

And i do not know how to set a region …

jens.floeter · February 15, 2024, 10:23am

But when i make a public link then this looks like WAW3-1

https://s3.waw3-1.cloudferro.com/swift/v1/JensContainer/

gmilcinski · February 15, 2024, 10:23am

Thanks, this makes things clearer. Sorry for the confusion, it’s sometimes difficult to guess what users are up to (and, can imagine, difficult for you to find relevant resources).

As you are using Sentinel Hub deployment (not CDSE), this forum is the right place.
@william.ray will try to help you to configure things correctly (it might be I pointed to a wrong link initially).

jens.floeter · February 15, 2024, 10:27am

Thanks heaps Grega and William… I very much appreciate your help, otherwise i would be really lost…

jens.floeter · February 15, 2024, 10:31am

The policy grants access to ContainerJens2 which is not listed under Services…(but under Containers)…so maybe i update the policy to ContainerJens

jens.floeter · February 15, 2024, 10:37am

does not help…

is there something wrong with the policy setting ?

xxx are replaced by real keys

result ist

result = s3.get_bucket_policy(Bucket=bucket_name)
pprint(result[“Policy”])
('{“Version”: “2012-10-17”, “Statement”: [{“Sid”: “Sentinel Hub permissions”, ’
'“Effect”: “Allow”, “Principal”: {“AWS”: ’
‘“arn:aws:iam::ddf4c98b5e6647f0a246f0624c8341d9:root”}, “Action”: [“s3:"], ’
'“Resource”: [“arn:aws:s3:::JensContainer”, ’
'"arn:aws:s3:::JensContainer/”]}]}’)

william.ray · February 15, 2024, 10:40am

Hi Jens, you are able to discover your bucket using s3cmd ls I am assuming?

If so, I think that we need to update your bucket policy. Try replacing the share_to string with b96188fd342e4f59821340ffc8cef9f5

jens.floeter · February 15, 2024, 10:50am

Do i need to log-out and login at the “Request Builder” to make the changes active ?

william.ray · February 15, 2024, 10:56am

Let’s ignore Request Builder for now and concentrate on the Bucket policy:

If you run s3cmd info s3://{your bucket name} this will return the bucket policy to you. Can you share that with me please?

jens.floeter · February 15, 2024, 11:17am

…thanks for your message…
(SentinelENV) jensfl@blackfish3:~$ s3cmd info s3://JensContainer
s3://JensContainer/ (bucket):
Location: waw3-1
Payer: BucketOwner
Ownership: none
Versioning:none
Expiration rule: none
Block Public Access: none
Policy: {“Version”: “2012-10-17”, “Statement”: [{“Sid”: “Sentinel Hub permissions”, “Effect”: “Allow”, “Principal”: {“AWS”: “arn:aws:iam::b96188fd342e4f59821340ffc8cef9f5:root”}, “Action”: [“s3:"], “Resource”: [“arn:aws:s3:::JensContainer”, "arn:aws:s3:::JensContainer/”]}]}
CORS: none
ACL: cloud_078703_1: FULL_CONTROL