堆栈内存溢出
  简体   繁体   English

如何创建只能访问特定S3存储桶的访问密钥

[英]How to create access keys that only have access to specific S3 buckets

 原文  2016-12-12 21:46:16       amazon-web-services/ amazon-s3

问题描述

I have four S3 buckets bucket1, bucket2, bucket3, bucket4 . 我有四个S3存储桶bucket1, bucket2, bucket3, bucket4 I would like to create a new Access/secret key that only has access to these four buckets. 我想创建一个只能访问这四个存储桶的新访问/秘密密钥。

How should I do this? 我应该怎么做? Should I use IAM to create a new user, then login as that user, and create the S3 buckets? 我应该使用IAM创建一个新用户,然后以该用户身份登录并创建S3存储桶吗? Would I need to create a new policy? 我需要制定新政策吗?

1 个解决方案

解决方案1
 2 已采纳  2016-12-12 22:01:29

Create an IAM policy that only gives access to these four buckets. 创建仅允许访问这四个存储桶的IAM策略。 You do this by specifying the ARN of each bucket in the policy. 通过在策略中指定每个存储区的ARN来执行此操作。 Create an IAM user and assign the policy to that user. 创建一个IAM用户并将策略分配给该用户。 Create access keys for that user. 为该用户创建访问密钥。

Here is some documentation on creating the IAM policy to grant access to specific S3 buckets. 以下是有关创建IAM策略以授予对特定S3存储桶的访问权限的一些文档

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 访问s3存储桶 - Access to s3 buckets S3-授予创建存储桶的权限 - S3 - grant access to create buckets S3:如何授予对多个存储桶的访问权限? - S3: How to grant access to multiple buckets? 是否可以将来自EC2实例的访问限制为仅使用来自特定帐户的S3存储桶? - Is it possible to restrict access from EC2 instance to use only S3 buckets from specific account? 是否可以列出我有权访问的所有AWS S3存储桶? - Is it possible to list all the AWS S3 buckets I have access to? 仅限制从 VPC 访问 S3 存储桶 - Restricting Access to S3 buckets from a VPC only 我该如何使用s3策略拒绝访问除以字符串“ xyz”开头的存储桶之外的所有存储桶? - How can i have s3 policy that denies access to all buckets except the ones that start with string “xyz”? 创建单个 IAM 用户以仅访问特定的 S3 存储桶 - Create a single IAM user to access only specific S3 bucket 防止Sagemaker用户访问s3存储桶 - prevent access to s3 buckets for sagemaker users 删除 S3 存储桶的 Web 面板访问权限 - Remove web panel access for S3 buckets
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM