Skip to content

Instantly share code, notes, and snippets.

@annjawn

annjawn/authpermission.json

Created December 6, 2018 09:34
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save annjawn/742272662a9c383b4d63af9cb78e1cde to your computer and use it in GitHub Desktop.
Save annjawn/742272662a9c383b4d63af9cb78e1cde to your computer and use it in GitHub Desktop.
Download ZIP
Cognito identity pool Auth Role Permission for S3
Raw
authpermission.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"mobileanalytics:PutEvents",
"cognito-sync:*",
"cognito-identity:*"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::my-test-bucket-amplify/public/*",
"arn:aws:s3:::my-test-bucket-amplify/protected/${cognito-identity.amazonaws.com:sub}/*",
"arn:aws:s3:::my-test-bucket-amplify/private/${cognito-identity.amazonaws.com:sub}/*",
"arn:aws:s3:::my-test-bucket-amplify/protected/${cognito-identity.amazonaws.com:sub}/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::my-test-bucket-amplify/protected/*",
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::my-test-bucket-amplify/uploads/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::my-test-bucket-amplify"
],
"Condition": {
"StringLike": {
"s3:prefix": [
"public/",
"public/*",
"protected/",
"protected/*",
"private/${cognito-identity.amazonaws.com:sub}/",
"private/${cognito-identity.amazonaws.com:sub}/*"
]
}
}
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment