I have a bit of a problem, to which Iam not sure I know the answer to. I have a bucket named staging
and I would like to give access to a third party dev (which is building the webapp) to allow file uploads into this bucket.
What is the correct way to go about doing this? Surely, not giving away my aws secrets?
Would be great if someone can point me in the right direction for this.
CodePudding user response:
You can achieve it using Resource Based Policies
in Staging
S3 bucket.
- Add a Resource Based Policy to Staging bucket that allow access to Dev account's IAM User/Role.
- Next, add an IAM Policy in Dev account, that allow access to S3 bucket in Staging account.
References
CodePudding user response:
if you are talking about a third party app is uploading content; one option is You can expose an API via apigateway to upload content to the bucket. Remember to remove public access from the bucket permission.