Problem description
The requesting account is not the resource owner and lacks the required permissions in its Access Management (RAM) policies.
Causes
This error occurs when the account used to request a bucket or object resource is not the owner of the resource and is not granted the required permissions in RAM policies.
Examples
A RAM user without the oss:PutBucket permission sends a PutBucket request. OSS returns this error because no Allow statement grants oss:PutBucket to that user.
Solutions
Step 1: Identify the requester
Check which account or RAM user sent the request and verify whether it is the resource owner.
Step 2: Check resource ownership
Verify that the requesting account is the bucket owner. Requests from non-owner accounts must be authorized through RAM policies.
Step 3: Inspect and fix RAM policies
Log in to the RAM console.
Locate the RAM user and review all attached policies.
Check whether the required action (for example,
oss:PutBucket) appears in the policy statements and add anAllowstatement if it is missing.
For ready-to-use policy templates, see Common examples of RAM policies.
For a full overview of how RAM policies apply to OSS, see RAM policy overview.