Just in case if it help others, I have resolved the issue… We starts with full rights admin and then taking rights out one by one until a suitable level of rights is reached.
We were able to access the objects with following rights:
“s3:GetObjectVersionTorrent”,
“s3:GetObjectAcl”,
“s3:GetObject”,
“s3:GetObjectTorrent”,
“s3:GetObjectRetention”,
“s3:GetObjectVersionTagging”,
“s3:GetObjectVersionAcl”,
“s3:GetObjectTagging”,
“s3:GetObjectVersionForReplication”,
“s3:GetObjectLegalHold”,
“s3:GetObjectVersion”,
“s3:ListMultipartUploadParts”
“s3:ListBucketMultipartUploads”,
“s3:ListAllMyBuckets”,
“s3:GetBucketWebsite”,
“s3:GetBucketLogging”,
“s3:ListBucketVersions”,
“s3:GetBucketCORS”,
“s3:ListBucket”,
“s3:GetBucketVersioning”,
“s3:GetBucketAcl”,
“s3:HeadBucket”,
“s3:GetBucketLocation”