How are you defining permissions for Strapi to access the bucket? I’m running it from an EKS pod where the IAM role it’s running as has permissions to access the bucket, so my config in Strapi doesn’t contain an access or secret key. Could be you’ve got a typo or space or similar in one of those. Other than that, I’ve seen that error before (but not with Strapi, completely unrelated to anything I was doing here) when object names contain UTF8 characters outside of the regular ASCII set and the library I was using wasn’t encoding them correctly.
I’ve not done anything ‘special’, when I actually tried it with config.s3Options.params.ACL = 'private' it Just Worked 
when the bucket was configured to disallow access from anything apart from CloudFront and the IAM role the pod was running as.
Have you definitely created the IAM account permissions correctly? Have you tested them outside of Strapi? The role will need the relevant s3:XXX IAM permissions but the S3 bucket policy will also need to explicitly grant access to the role.