Limiting Access to s3 Buckets using IAM roles
Question
I am trying to create access for a user to be able to upload and download to a specific bucket in s3 on amazon's AWS console. Currently my code limits access to the other buckets in s3 but they can still view the other buckets. I would like to restrict view and access of these other buckets so that they can only see and access the buckets I allow them.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::My_Bucket",
"arn:aws:s3:::My_Bucket_Uploaded"
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::My_Bucket/*",
"arn:aws:s3:::My_Bucket_uploaded/*"
]
}
]
}
1 answers
solution1
0 ACCPTED 2015-08-10 20:48:10
Your question seems to have already been answered here .
TLDR; You can't limit listing to a subset of your buckets. You either use API and know you bucket's name in advance or allow users to see all bucket names on console, although their privileges in each one may be restricted as you wish.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.