@ngohuytrieu
Last active August 27, 2023 09:56
AWS S3 bucket policy configuration

1. Public access, allow all users, single action

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::[bucket-name]/*"
        }
    ]
}

2. Private access, single principal, multiple actions

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1563788613450",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::[account-id]:user/[username]"
            },
            "Action": [
                "s3:GetObject",
                "s3:PutObject"
            ],
            "Resource": "arn:aws:s3:::[bucket-name]/*"
        }
    ]
}

3. Private access, multiple principals

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1563788613450",
            "Effect": "Allow",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::[account-id-1]:user/username-1",
                    "arn:aws:iam::[account-id-2]:user/username-2"
                ]
            },
            "Action": "s3:DeleteObject",
            "Resource": "arn:aws:s3:::[bucket-name]/*"
        }
    ]
}
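
Added example (not part of the original gist): a small Python check that reads policies shaped like the three above and reports, for each Allow statement, whether the principal is public, which write actions it grants, and which account ids it names. The bucket name, account ids and the helper names (`audit`, `make_policy`) are constructed for illustration.

```python
from fnmatch import fnmatchcase

WRITE_ACTIONS = ("s3:putobject", "s3:deleteobject")  # write actions used on this page

def as_list(value):
    """Policy fields may hold one string or a list; always return a list."""
    return [value] if isinstance(value, str) else list(value)

def principals(statement):
    """Flatten "Principal" ("*" or a map such as {"AWS": ...}) to strings."""
    p = statement.get("Principal", [])
    if isinstance(p, dict):
        return [v for vals in p.values() for v in as_list(vals)]
    return as_list(p)

def grants_write(action):
    """Action names are case-insensitive and may contain wildcards (s3:Put*)."""
    return any(fnmatchcase(w, action.lower()) for w in WRITE_ACTIONS)

def audit(policy):
    """One finding per Allow statement; account id is the fifth ARN field."""
    field = policy["Statement"]  # a lone statement may be a bare object
    findings = []
    for st in [field] if isinstance(field, dict) else field:
        if st.get("Effect") != "Allow":
            continue
        who = principals(st)
        writes = sorted(a for a in as_list(st["Action"]) if grants_write(a))
        public = "*" in who  # "*" and {"AWS": "*"} both mean anyone
        exposure = ("public-write" if writes else "public-read") if public else "scoped"
        findings.append({
            "sid": st.get("Sid"), "exposure": exposure, "writes": writes,
            "conditioned": "Condition" in st,
            "accounts": sorted({p.split(":")[4] for p in who if p.startswith("arn:")}),
        })
    return findings

def make_policy(sid, principal, action):
    """Build a one-statement policy; every value passed below is constructed."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": sid, "Effect": "Allow", "Principal": principal,
        "Action": action, "Resource": "arn:aws:s3:::example-bucket/*"}]}

POLICY_1 = make_policy("PublicReadGetObject", "*", "s3:GetObject")
POLICY_3 = make_policy("Stmt1563788613450", {"AWS": [
    "arn:aws:iam::111111111111:user/username-1",
    "arn:aws:iam::222222222222:user/username-2"]}, "s3:DeleteObject")

if __name__ == "__main__":
    print(audit(POLICY_1), audit(POLICY_3), sep="\n")
```

A statement reported as `public-read` or `public-write` with `conditioned` false is open to any caller; policy 3 comes back as `scoped` but lists two account ids, which is the cue to confirm the cross-account delete grant is intended.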