IAM policy to grant a user narrow access to one S3 bucket
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:ListAllMyBuckets",
        "s3:GetBucketLocation"
      ],
      "Resource": [
        "arn:aws:s3:::bucket-name"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::bucket-name/*"
      ]
    }
  ]
}
morariu
commented
Oct 5, 2018
I was trying this policy but getting a "Missing required field Principal" error.
sr9yar
commented
Oct 10, 2018
Check this out: https://gist.github.com/sr9yar/a05e278a6dddbaa66da004bbe021b2b4
rbrisita
commented
Jul 16, 2018
As of 2018-07-16, the policy summary will complain about having "s3:ListAllMyBuckets" when the resource does not have an '*'. I deleted it from the JSON policy to satisfy the summary.
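A small offline check of the policy on this page, as an added example that is not part of the gist or its comments: it flags actions whose Resource can never match them, and lists statements that have no Principal, which is required only when a policy is attached to a resource such as a bucket. The function names and the action-to-resource table are assumptions of this example, the table covers only the six actions used here, and wildcards inside a bucket name are not modelled.

```python
import json

# Resource type each S3 action in the gist applies to. ListAllMyBuckets has no
# resource-level scoping, so only a wildcard Resource can match it.
ACTION_SCOPE = {
    "s3:ListAllMyBuckets": "any",
    "s3:ListBucket": "bucket", "s3:GetBucketLocation": "bucket",
    "s3:PutObject": "object", "s3:GetObject": "object", "s3:DeleteObject": "object",
}

# The policy from this page, embedded so the check runs offline.
GIST_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow",
   "Action": ["s3:ListBucket", "s3:ListAllMyBuckets", "s3:GetBucketLocation"],
   "Resource": ["arn:aws:s3:::bucket-name"]},
  {"Effect": "Allow",
   "Action": ["s3:PutObject", "s3:GetObject", "s3:DeleteObject"],
   "Resource": ["arn:aws:s3:::bucket-name/*"]}]}
""")

def as_list(value):
    return value if isinstance(value, list) else [value]

def resource_kind(arn):
    """Classify a Resource value as 'any', 'bucket' or 'object'."""
    name = arn.split(":::", 1)[-1]
    if name == "*":  # "*" and "arn:aws:s3:::*" both match everything
        return "any"
    return "object" if "/" in name else "bucket"

def dead_grants(policy):
    """Return (statement index, action) pairs whose Resource can never match."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        kinds = {resource_kind(r) for r in as_list(stmt.get("Resource", []))}
        for action in as_list(stmt.get("Action", [])):
            need = ACTION_SCOPE.get(action)
            if need and need not in kinds and "any" not in kinds:
                findings.append((i, action))
    return findings

def missing_principal(policy):
    """Statement indexes lacking Principal (required in a bucket policy only)."""
    return [i for i, s in enumerate(as_list(policy["Statement"]))
            if "Principal" not in s and "NotPrincipal" not in s]

if __name__ == "__main__":
    print(dead_grants(GIST_POLICY), missing_principal(GIST_POLICY))
```

Moving `s3:ListAllMyBuckets` into its own statement with `"Resource": "*"` clears the finding while keeping the object and bucket actions scoped to the one bucket.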