Is it possible to limit s3 bucket to lowercase files/directories only?
Some downstream systems are case insensitive so I want to prevent any issues.
There's a Lambda workaround, but is it possible to specify this requirement as a bucket policy?
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Enforce lower-case",
"Effect": "Deny",
"Principal":"*",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::mybucket/*",
"Condition": {
"StringNotEquals": {
"s3:KeyName": "lower(s3:KeyName)"
}
}
}
]
}
CodePudding user response:
No, that is not possible because:
- String manipulation isn't allowed in IAM policy
- IAM string condition operators do not support regular expressions
CodePudding user response:
An alternative approach would be to have the S3 bucket trigger an AWS Lambda function, which could:
- Examine the object
Key
- If the Key is not strictly lowercase, then
Copy
the object to a new lowercase Key and delete the original object
However, it would mean that Foo
would rename to foo
and a later FOO
would overwrite foo
.