授予 IAM 用户访问 AWS S3 中存储桶特定文件夹的权限
[英]Giving an IAM user, permission to a specific folder of a bucket in AWS S3
问题描述
I am stuck in writing a policy,
我被困在写一个政策,
Scenario: We have a bucket called BUCKET, and there are two folders, FOLDER1 and FOLDER2 inside it.场景:我们有一个叫做BUCKET的bucket,里面有两个文件夹,FOLDER1和FOLDER2。 Now there is one IAM USER, user1.现在有一个 IAM USER,user1。 This user should have read/write access to FOLDER1 but not any access in FOLDER2.此用户应该具有对 FOLDER1 的读/写访问权限,但在 FOLDER2 中没有任何访问权限。 And user should also able able to list the Folders inside BUCKET.并且用户还应该能够列出 BUCKET 中的文件夹。 Means user should able to see the folder in which it have the permission.意味着用户应该能够看到它有权限的文件夹。
Any lead will be helpful.任何线索都会有所帮助。 Thanks.谢谢。
2 个解决方案
解决方案1
0 2017-10-31 06:52:39
Please add a bucket policy with the exact path you want to give access to like below,请添加一个包含您要授予访问权限的确切路径的存储桶策略,如下所示,
{ "Version":"2012-10-17", "Statement":[ { "Sid":"AddCannedAcl", //Here add your Sid "Effect":"Allow", "Principal": {"AWS": ["arn:aws:iam::111122223333:root","arn:aws:iam::444455556666:root"]}, //Here add you users ARN "Action": "s3:*", "Resource":["arn:aws:s3:::examplebucket/YOUR FOLDER/*"] //Here } ] }
解决方案2
0 2017-11-02 18:31:09
我相信这篇博文中提到的示例策略将满足您的要求: 编写 IAM 策略:授予对 Amazon S3 存储桶中用户特定文件夹的访问权限
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.