Created
June 8, 2020 22:12
-
-
Save rwalk/b1a397188e409a159dcf99d33f1573d6 to your computer and use it in GitHub Desktop.
AWS permit users read/list access to a prefix in a bucket
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:ListBucket" | |
| ], | |
| "Resource": [ | |
| "arn:aws:s3:::fancy-bucket" | |
| ], | |
| "Condition": { | |
| "StringLike": { | |
| "s3:prefix": [ | |
| "fancy-prefix/*" | |
| ] | |
| } | |
| } | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:Get*" | |
| ], | |
| "Resource": "arn:aws:s3:::fancy-bucket/fancy-prefix/*" | |
| } | |
| ] | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I often need to provide a user access to a single prefix path in S3. And I always forget how to do it. Here is a policy that does this. Attach it to the IAM user who needs this access.