Home > Enterprise >  AWS S3 Bucket Policy to allow only lowercase files
AWS S3 Bucket Policy to allow only lowercase files

Time:11-18

Is it possible to limit s3 bucket to lowercase files/directories only?

Some downstream systems are case insensitive so I want to prevent any issues.

There's a Lambda workaround, but is it possible to specify this requirement as a bucket policy?

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Enforce lower-case",
            "Effect": "Deny",
            "Principal":"*",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::mybucket/*",
            "Condition": {
                "StringNotEquals": {
                    "s3:KeyName": "lower(s3:KeyName)"
                }
            }
        }
    ]
}

CodePudding user response:

No, that is not possible because:

  • String manipulation isn't allowed in IAM policy
  • IAM string condition operators do not support regular expressions

CodePudding user response:

An alternative approach would be to have the S3 bucket trigger an AWS Lambda function, which could:

  • Examine the object Key
  • If the Key is not strictly lowercase, then Copy the object to a new lowercase Key and delete the original object

However, it would mean that Foo would rename to foo and a later FOO would overwrite foo.

  • Related