bucket-policy-on-destination-bucket-2.txt

{
2    "Version": "2012-10-17",
3    "Id": "PolicyForDestinationBucket",
4    "Statement": [
5        {
6            "Sid": "Permissions on objects and buckets",
7            "Effect": "Allow",
8            "Principal": {
9                "AWS": "arn:aws:iam::999999999999:role/cross-account-bucket-replication-role"
10            },
11            "Action": [
12                "s3:List*",
13                "s3:GetBucketVersioning",
14                "s3:PutBucketVersioning",
15                "s3:ReplicateDelete",
16                "s3:ReplicateObject"
17            ],
18            "Resource": [
19                "arn:aws:s3:::original-bucket-may-replica-prod/*",
20                "arn:aws:s3:::original-bucket-may-replica-prod"
21            ]
22        },
23        {
24            "Sid": "Permission to override bucket owner",
25            "Effect": "Allow",
26            "Principal": {
27                "AWS": "arn:aws:iam::999999999999:root"
28            },
29            "Action": "s3:ObjectOwnerOverrideToBucketOwner",
30            "Resource": "arn:aws:s3:::original-bucket-may-replica-prod/*"
31        }
32    ]
33}