Ultimately when deploying a PAM instance in AWS, the instance should have a VPCID associated with it. Then lookup the Amazon AWS Security Group for that VPCID and it should have a CIDR off the network who can access this s3 bucket.
If we are unable to mount than the VPCID and the Security Group CIDR permissions for the private network where our PAM Appliance lives - has not been setup.
Example: PAM Instance has a VPC ID = vpc-b00219d7 the Private Network =172.31.x.x
If you lookup the AWS security group for this VPCID it should have a CIDR of: