IAM policy to grant a user narrow access to one S3 bucket
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:ListBucket", | |
| "s3:ListAllMyBuckets", | |
| "s3:GetBucketLocation" | |
| ], | |
| "Resource": [ | |
| "arn:aws:s3:::bucket-name" | |
| ] | |
| }, | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "s3:PutObject", | |
| "s3:GetObject", | |
| "s3:DeleteObject" | |
| ], | |
| "Resource": [ | |
| "arn:aws:s3:::bucket-name/*" | |
| ] | |
| } | |
| ] | |
| } |
This comment has been minimized.
This comment has been minimized.
|
I was trying this policy but getting a "Missing required field Principal" error. |
This comment has been minimized.
This comment has been minimized.
Check this out: https://gist.github.com/sr9yar/a05e278a6dddbaa66da004bbe021b2b4 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
As of 2018-07-16, the policy summary will complain about having "s3:ListAllMyBuckets" when the resource does not have an '*'. I deleted it from the JSON policy to satisfy the summary.