简体繁体中英

AWS S3 Bucket Policy to allow read-only access from my instances

原文 2016-02-25 18:08:36 2 3 amazon-web-services/ amazon-s3/ amazon-iam

Is it possible to create an S3 bucket policy that allows read-only access from my EC2 instances? I tried a bunch of things, but I can't figure out what to use for the principal.

3 answers

The principal will be the role.

ie: arn:aws:iam::accountnumber:role/rolename

This post describes how to do it:

http://www.tothenew.com/blog/role-based-s3-access-from-a-specific-ec2-instance/

just ignore the part about the IP address since you won't need it.

您应该为实例分配一个角色，该角色允许访问S3存储桶。

The issue is that:

You need both the role itself and the assumed-role in your not_principals clause
wildcards are not allowed in principal specifications

This explains how to use userid instead:

https://aws.amazon.com/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/

AWS S3 Bucket Policy to allow read/write access from aws machine learning

AWS S3 bucket policy to allow access to Cognito users

AWS S3 Bucket Policy - Allow GetObject only within a prefix

AWS S3 Bucket Policy to allow only lowercase files

AWS IAM Policies: How do I alter the AWSLambdaFullAccess policy to only allow access to one S3 bucket?

Amazon S3 bucket policy allow access to ONLY specific http

S3 policy to allow to write to a bucket but not to read from it, is it possible?

Create AWS Access Policy to Only 1 S3 Bucket

S3 Bucket Policy to allow S3 Access to Current Authenicated user in AWS Console?

How to securely download images from read-only AWS S3 Bucket to an iOS app using AWS amplify?

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS S3 Bucket Policy to allow read/write access from aws machine learning AWS S3 bucket policy to allow access to Cognito users AWS S3 Bucket Policy - Allow GetObject only within a prefix AWS S3 Bucket Policy to allow only lowercase files AWS IAM Policies: How do I alter the AWSLambdaFullAccess policy to only allow access to one S3 bucket? Amazon S3 bucket policy allow access to ONLY specific http S3 policy to allow to write to a bucket but not to read from it, is it possible? Create AWS Access Policy to Only 1 S3 Bucket S3 Bucket Policy to allow S3 Access to Current Authenicated user in AWS Console? How to securely download images from read-only AWS S3 Bucket to an iOS app using AWS amplify?

Related Tags

AWS S3 Bucket Policy to allow read-only access from my instances

Question

3 answers

solution1
1 ACCPTED 2016-02-25 21:02:32

solution2
0 2016-02-25 18:49:15

solution3
0 2018-06-20 21:26:28

AWS S3 Bucket Policy to allow read-only access from my instances

Question

3 answers

solution1 1 ACCPTED 2016-02-25 21:02:32

solution2 0 2016-02-25 18:49:15

solution3 0 2018-06-20 21:26:28

solution1
1 ACCPTED 2016-02-25 21:02:32

solution2
0 2016-02-25 18:49:15

solution3
0 2018-06-20 21:26:28