Thursday, 16 January 2020

AWS - S3 Grant specific folder or bucket access to IAM user

Before granting access, let's test as the user: Console > S3.


To grant access to the user: Console > select the user > Add inline policy.


Click JSON.



The JSON below grants list access to the s3testbucketjhb2020 bucket, plus upload (put), download (get) and delete of files inside s3testbucketjhb2020.
Click Review > Create Policy.


{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::s3testbucketjhb2020"
        },
        {
            "Sid": "VisualEditor2",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:ListBucket",
                "s3:DeleteObject",
                "s3:GetObject"
            ],
            "Resource": "arn:aws:s3:::s3testbucketjhb2020/*"
        }
    ]
}



Now let's log in as testuser and verify.
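The policy above covers the whole bucket. The following is an added example, not part of the original post: it checks a policy for actions paired with the wrong kind of S3 resource and builds a variant limited to a single folder. The folder name `reports`, the Sid values and the function names are assumptions, and the action classification covers only the four actions used on this page.

```python
import json

# Policy from this page, embedded so the script runs offline.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:ListBucket",
         "Resource": "arn:aws:s3:::s3testbucketjhb2020"},
        {"Sid": "VisualEditor2", "Effect": "Allow",
         "Action": ["s3:PutObject", "s3:ListBucket", "s3:DeleteObject", "s3:GetObject"],
         "Resource": "arn:aws:s3:::s3testbucketjhb2020/*"},
    ],
}

BUCKET_ACTIONS = {"s3:ListBucket"}  # evaluated against the bucket ARN
OBJECT_ACTIONS = {"s3:GetObject", "s3:PutObject", "s3:DeleteObject"}  # against bucket/key ARNs

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_object_arn(arn):
    # arn:aws:s3:::bucket names a bucket; arn:aws:s3:::bucket/key names an object
    return "/" in arn.split(":::", 1)[1]

def lint(policy):
    """Return (sid, action, resource) triples whose action cannot apply to that resource type."""
    findings = []
    for stmt in policy["Statement"]:
        for action in _as_list(stmt["Action"]):
            for arn in _as_list(stmt["Resource"]):
                obj = _is_object_arn(arn)
                if (action in BUCKET_ACTIONS and obj) or (action in OBJECT_ACTIONS and not obj):
                    findings.append((stmt.get("Sid"), action, arn))
    return findings

def folder_policy(bucket, folder):
    """Same four actions, restricted to one folder (key prefix) of the bucket."""
    folder = folder.strip("/")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {"Sid": "ListFolderOnly", "Effect": "Allow", "Action": "s3:ListBucket",
             "Resource": f"arn:aws:s3:::{bucket}",
             "Condition": {"StringLike": {"s3:prefix": [f"{folder}/*"]}}},
            {"Sid": "ReadWriteFolderObjects", "Effect": "Allow",
             "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
             "Resource": f"arn:aws:s3:::{bucket}/{folder}/*"},
        ],
    }

if __name__ == "__main__":
    print(lint(PAGE_POLICY))  # the s3:ListBucket entry on the /* resource has no effect
    print(json.dumps(folder_policy("s3testbucketjhb2020", "reports"), indent=2))
```

The folder-scoped policy suits API or CLI access that always passes the folder prefix; console navigation from the bucket root sends list requests with other prefixes, which the `s3:prefix` condition does not allow.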






Further examples:
https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-2
https://aws.amazon.com/blogs/security/writing-iam-policies-how-to-grant-access-to-an-amazon-s3-bucket/
