Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
IAM policy to grant a user narrow access to one S3 bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::bucket-name"
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::bucket-name/*"
]
}
]
}
@rbrisita

This comment has been minimized.

Show comment
Hide comment
@rbrisita

rbrisita Jul 16, 2018

As of 2018-07-16, the policy summary will complain about having "s3:ListAllMyBuckets" when the resource does not have an '*'. I deleted it from the JSON policy to satisfy the summary.

rbrisita commented Jul 16, 2018

As of 2018-07-16, the policy summary will complain about having "s3:ListAllMyBuckets" when the resource does not have an '*'. I deleted it from the JSON policy to satisfy the summary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment