Last Updated: September 09, 2019
·
661
· mavimo

Enable a user to access to a single S3 bucket

#s3
#aws
#iam
#amazon
#bucket
#user

You need to access in your AWS console and activate IAM access control.

  • Create a new bucket in S3
  • Create a new group in IAM

  • Create a new policy in the IAM group and add:

    {
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "s3:*",
      "Resource": [
        "arn:aws:s3:::test-bucket-mavimo",
        "arn:aws:s3:::test-bucket-mavimo/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets",
      "Resource": "arn:aws:s3:::*"
    }
  ]
}

    and change the bucket name (from test-bucket-name to your real bucket name).

  • Create a new user in IAM

  • Add the user in the group created before

Now you can use your user credential to access and write/read in our bucket. User can list all bucket but can't access to data avialable inside the not authorized bucket. This is a know problem but there are not workaround.

#s3
#aws
#iam
#amazon
#bucket
#user

Written by Marco Vito Moscaritolo

Say Thanks
Respond

Related protips

Nginx as proxy for Amazon S3

142.1K
13

Serving web fonts via AWS S3 and Cloudfront

46.06K
5

Sharing HTML5 canvas images to directly to Facebook

35.34K
10

Have a fresh tip? Share with Coderwall community!

Post
Post a tip
Best #S3 Authors
mikhailov
141.9K
#s3
tmilewski
45.92K
#s3
#Ruby
#Open Source
lukasz-madon
43.66K
#s3
#Python
#JavaScript
brockangelo
30.99K
#s3
#Open Source
#PHP
wallin
28.7K
#s3
#Javascript
#CoffeeScript
Related Tags
#s3
#aws
#iam
#amazon
#bucket
#user
Sponsored by
#native_company#
#native_desc#
#native_cta#
Awesome Job
See All Jobs
Post a job for only $299
Thanks to our sponsor
Sponsored by #native_company# — Learn More
#native_title# #native_desc#
#native_cta#