Not able to list particular bucket from IAM user account

Time:02-05

This is the code I wrote for s3bucket

I'm not able to list/see bucket sseth-learning-account1 from IAM user sseth1's S3 dashboard in the AWS console, although my bucket policy saved successfully without giving me any error. How can I give permission to an IAM user to list/see only the single bucket required for his task?

    {
        "Version": "2012-10-17",
        "Id": "Policy1644033771978",
        "Statement": [
            {
                "Sid": "Stmt1644033769613",
                "Effect": "Allow",
                "Principal": {
                    "AWS": "arn:aws:iam::196172918120:user/sseth1"
                },
                "Action": [
                    "s3:ListBucket",
                    "s3:GetBucketLocation",
                    "s3:GetObject",
                    "s3:GetObjectAcl"
                ],
                "Resource": [
                    "arn:aws:s3:::sseth-learning-account1",
                    "arn:aws:s3:::sseth-learning-account1/*"
                ]
            }
        ]
    }

CodePudding user response:

It appears that you are wanting to give a specific user permissions for Amazon S3.

The recommended way to do this is to add a policy to the IAM User (rather than using a Bucket Policy).

It would be the same policy you have created, but there is no Principal because that is implied by the IAM User that has the policy.

(This is not necessarily the cause of your problem, but you have not provided enough information to diagnose your specific issue. I'm simply explaining an alternate way to achieve your goals.)

CodePudding user response:

It appears that your goal is to allow a particular user to access an Amazon S3 Bucket via the S3 management console without allowing them to see the list of other buckets.

This is not possible.

However, you can 'cheat'...

YOU (with full permissions) should go to the bucket in the S3 management console and access the desired bucket. Then, copy the URL from the browser and provide this URL to the other user. They can then use that URL to directly access that bucket in the S3 management console without going via the list of buckets. This way, they will be able to view and use that specific bucket in the console.
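An added example, not code from the question or either answer: it derives the identity-based policy the first answer describes (the same statements with `Principal` dropped) and runs a simplified allow/deny check showing that the policy grants access inside the bucket but not `s3:ListAllMyBuckets`, the action behind the account-wide bucket list. The function names, the evaluator (which ignores conditions and other policy types) and the object key `notes.txt` are assumptions made for illustration.

```python
import fnmatch

# Bucket policy from the question, reproduced as a Python dict.
BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Id": "Policy1644033771978",
    "Statement": [{
        "Sid": "Stmt1644033769613",
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::196172918120:user/sseth1"},
        "Action": ["s3:ListBucket", "s3:GetBucketLocation",
                   "s3:GetObject", "s3:GetObjectAcl"],
        "Resource": ["arn:aws:s3:::sseth-learning-account1",
                     "arn:aws:s3:::sseth-learning-account1/*"],
    }],
}

def to_identity_policy(bucket_policy):
    """Same statements with Principal dropped; the attached user is implied."""
    statements = [{k: v for k, v in st.items() if k != "Principal"}
                  for st in bucket_policy["Statement"]]
    return {"Version": bucket_policy["Version"], "Statement": statements}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_allowed(policy, action, resource):
    """Simplified check: explicit Deny wins, otherwise any matching Allow.
    Conditions, NotAction/NotResource and other policy types are ignored."""
    allowed = False
    for st in policy["Statement"]:
        action_hit = any(fnmatch.fnmatchcase(action.lower(), a.lower())
                         for a in _as_list(st["Action"]))
        resource_hit = any(fnmatch.fnmatchcase(resource, r)
                           for r in _as_list(st["Resource"]))
        if action_hit and resource_hit:
            if st["Effect"] == "Deny":
                return False
            allowed = True
    return allowed

BUCKET = "arn:aws:s3:::sseth-learning-account1"
USER_POLICY = to_identity_policy(BUCKET_POLICY)

if __name__ == "__main__":
    for action, resource in [("s3:ListBucket", BUCKET),
                             ("s3:GetObject", BUCKET + "/notes.txt"),  # constructed key
                             ("s3:ListAllMyBuckets", "*")]:
        print(action, resource, is_allowed(USER_POLICY, action, resource))
```

`s3:ListAllMyBuckets` applies to the whole account rather than to one bucket ARN, which is why the policy above cannot make a single bucket appear in the list.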
