AWS S3 Policy to restrict access to specific buckets
Paste this into the "Policy Document" window, with "bucket1" and "bucket2" changed to the names of your buckets, when editing permissions for a user or group in the IAM section of the Amazon Web Services Console.
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:ListAllMyBuckets"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketAcl",
        "s3:GetBucketVersioning",
        "s3:GetBucketRequestPayment",
        "s3:GetBucketLocation",
        "s3:GetBucketPolicy"
      ],
      "Resource": [
        "arn:aws:s3:::bucket1",
        "arn:aws:s3:::bucket2"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetObject",
        "s3:PutObject",
        "s3:DeleteObject",
        "s3:GetObjectAcl",
        "s3:PutObjectAcl"
      ],
      "Resource": [
        "arn:aws:s3:::bucket1/*",
        "arn:aws:s3:::bucket2/*"
      ]
    }
  ]
}
"s3:ListAllMyBuckets" cannot be scoped to a single bucket, so the first statement grants it on "*": the user can see the names of every bucket in the account, but can only open "bucket1" and "bucket2".
Written by Lawrence Wang
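An added example, not part of the original tip: a Python check for the pairing this policy relies on, where bucket-level actions target "arn:aws:s3:::bucket", object-level actions target "arn:aws:s3:::bucket/*", and "s3:ListAllMyBuckets" needs a resource covering all buckets. The action classification, the function names and the sample policy are assumptions constructed for illustration.

```python
S3 = "arn:aws:s3:::"
# Assumption: simplified classification covering the actions used in this tip.
ACCOUNT_LEVEL = {"s3:ListAllMyBuckets"}
OBJECT_PREFIXES = ("s3:GetObject", "s3:PutObject", "s3:DeleteObject")

def as_list(value):
    return value if isinstance(value, list) else [value]

def required_kind(action):
    if action in ACCOUNT_LEVEL:
        return "all-buckets"  # only a resource covering every bucket grants it
    return "object" if action.startswith(OBJECT_PREFIXES) else "bucket"

def covers(kind, arn):
    if arn in ("*", S3 + "*"):
        return True
    if kind == "all-buckets" or not arn.startswith(S3):
        return False
    name = arn[len(S3):]
    if "/" in name:
        return kind == "object"
    # A wildcard in the bucket name can also span "/" and reach object ARNs.
    return kind == "bucket" or "*" in name

def lint(policy):
    """Return (statement index, action, kind) for Allow grants that match nothing."""
    findings = []
    for i, st in enumerate(as_list(policy["Statement"])):
        if st.get("Effect") != "Allow":
            continue
        resources = as_list(st.get("Resource", []))
        for action in as_list(st.get("Action", [])):
            if "*" in action:
                continue  # wildcard actions are out of scope for this check
            kind = required_kind(action)
            if not any(covers(kind, r) for r in resources):
                findings.append((i, action, kind))
    return findings

# Constructed sample with the ARN forms swapped (not the policy from the tip).
SAMPLE = {"Statement": [
    {"Effect": "Allow", "Action": "s3:ListAllMyBuckets", "Resource": "arn:aws:s3:::example-bucket"},
    {"Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::example-bucket/*"]},
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:GetBucketAcl"], "Resource": ["arn:aws:s3:::example-bucket"]},
]}

if __name__ == "__main__":
    for idx, action, kind in lint(SAMPLE):
        print(f"statement {idx}: {action} needs a resource of kind '{kind}'")
```

Each finding is an Allow that silently grants nothing, which usually shows up later as an unexplained AccessDenied.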