Home > front end >  aws s3 upload only policy
aws s3 upload only policy

Time:01-12

More of a check than a question. I have created a bucket in s3 and I want to give a specific user access to upload files to a specific bucket. This is the policy I created:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:GetBucketLocation",
        "se:ListAllMyBuckets"
      ],
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Effect": "Allow",
      "Action": ["s3:*"],
      "Resource": ["arn:aws:s3:::mybycketsname"]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject"
      ],
      "Resource": ["arn:aws:s3:::mybycketsname/*"]
    }
  ]
}

Then I created a user with Programmatic access as the files are going to be sent through a script and attached only the above policy. The user need only add in one bucket: mybycketsname. Does my policy cover the use case?

CodePudding user response:

The simplest policy you would require is:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject"
      ],
      "Resource": ["arn:aws:s3:::mybycketsname/*"]
    }
  ]
}

This grants permission to upload (PutObject) files into the mybycketsname bucket.

They cannot do anything else (such as list the contents of the bucket or delete objects).

Page link:https//www.codepudding.com/frontend/259520.html

Prev:Python Lambda "Nested" layers
Next:Differences b/w AWS Read Replica and the Standby instances
  •  Tags:  
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding