I just went to set this up yesterday and ran into the test connection issue. You just need to add permissions to the AWS policy for iam:GetUser. Here is an example:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::duplicati-bucket",
"arn:aws:s3:::duplicati-bucket/*"
]
},
{
"Effect": "Allow",
"Action": [
"iam:GetUser"
],
"Resource": [
"arn:aws:iam::000000000000:user/duplicati-user"
]
}
]
}
000000000000 is your AWS account id ; get when logged into AWS console in the top right of the browser. change the bucket references to match your buckets and user. Once I applied this policy the test connection and backup worked just fine.