AWS IAM S3 策略

Question

I currently have AWS Policy that grants a user account access to create new users with limited access to IAM and S3

How can I reduce the permission of this user further so the user is unable to list all the S3 buckets on my account

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "iam:PutUserPolicy",
                "iam:GetUser",
                "iam:CreateUser",
                "iam:CreateAccessKey"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "cloudformation:*"
            ],
            "Resource": "*"
        }
    ]
}

Answer 1

It is not possible to limit the list of buckets presented to a user. Either they have permission to list all the buckets in an account, or they do not have permission to list any buckets.

The ability to list buckets is separate to the ability to list the contents of a bucket.