Skip to content

Instantly share code, notes, and snippets.

@theworkflow
Created February 23, 2016 17:45
Show Gist options
  • Save theworkflow/1cb8ca5fc24e6b5a4113 to your computer and use it in GitHub Desktop.
Save theworkflow/1cb8ca5fc24e6b5a4113 to your computer and use it in GitHub Desktop.
S3 Mongo Access Policy
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "AllowUserToSeeBucketListInTheConsole",
"Action": ["s3:ListAllMyBuckets", "s3:GetBucketLocation"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::*"]
},
{
"Sid": "AllowRootAndHomeListingOfBackupBucket",
"Action": ["s3:ListBucket"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::mod.hippa.mongo.backups"],
"Condition":{"StringEquals":{"s3:prefix":["","${aws:username}/"],"s3:delimiter":["/"]}}
},
{
"Sid": "AllowListingOfUserFolder",
"Action": ["s3:ListBucket"],
"Effect": "Allow",
"Resource": ["arn:aws:s3:::mod.hippa.mongo.backups"],
"Condition":{"StringLike":{"s3:prefix":["${aws:username}/*"]}}
},
{
"Sid": "AllowAllS3ActionsInUserFolder",
"Effect": "Allow",
"Action": ["s3:*"],
"Resource": ["arn:aws:s3:::mod.mongo.backups/${aws:username}/*"]
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment