堆栈内存溢出
  简体   繁体   English

S3策略仅允许删除用户创建的存储桶

[英]S3 policy that only allows delete for buckets created by the user

 原文  2018-11-23 09:29:21       amazon-web-services/ amazon-s3/ amazon-iam

问题描述

I would like to create a policy that allows all S3 actions, but to only delete the buckets and files the user has created itself. 我想创建一个允许所有S3操作的策略,但只删除用户自己创建的存储桶和文件。 Can I define a condition to do so? 我可以定义一个条件吗?

1 个解决方案

解决方案1
 1 已采纳  2018-11-23 10:49:11

No. There is no concept of a "user that created the bucket". 否。没有“创建存储桶的用户”的概念。

Instead, users request that a bucket be created. 而是,用户请求创建存储桶。 IAM then checks whether they have permission to do this, and the bucket is created on behalf of the account ( not on behalf of the user). 然后,IAM会检查他们是否有权执行此操作,并代表该帐户而不是代表用户)创建存储桶。 Therefore, there is no concept of a user that owns/created the bucket. 因此,不存在拥有/创建存储桶的用户的概念。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 AWS IAM 策略,用户应该只看到 s3 公共存储桶 - AWS IAM policy, user should see only s3 public buckets 针对s3存储桶的Iam策略 - Iam policy for s3 buckets 为什么存储桶策略不提供 IAM 用户列出 s3 存储桶,即使为用户设置了存储桶策略? - Why bucket policy does not provide IAM user to list s3 buckets even bucket policy is set for the user? AWS S3 IAM策略多个存储桶 - AWS S3 IAM policy multiple buckets s3 存储桶的基于标签的策略 - Tag based policy for s3 buckets S3 存储桶 CORS 策略 Django - S3 buckets CORS policy Django 删除 Elastic beanstack 创建的 s3 存储桶 - Deleting Elastic beanstack created s3 buckets 设置 AWS S3 存储桶的用户权限 - Setting user permissions for AWS S3 buckets 使用CloudFormation模板创建的S3存储桶是否有“请求者付款”属性? - Is there a “requester pays” attribute for S3 Buckets being created with CloudFormation Templates? 创建 S3 存储桶时触发 Lambda function - Trigger Lambda function when S3 buckets get created
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM