AWS policy to limit S3 data size per IAM user
Question
I am trying to put a restriction on how much data a given user can upload to an S3 bucket based on account tiers.
For example: Tier 1: user can upload max 1GB to S3 | Tier 2: “” 5GB | Tier 3: “” 25GB | etc.
I have not been able to find any resources on the web attacking this issue.
I have explored the world of IAM and S3 bucket policies, but, to my understanding, it looks like everything is concerned with restricting access to the buckets as opposed to limiting the amount of data a user can contribute.
I still want the user to be able execute CRUD operations against this bucket, but only while remaining within the size limit associated with their tier.
All suggestions are appreciated.
1 answers
solution1
1 2019-06-25 02:57:44
There is no in-built capability in Amazon S3 to limit the amount of storage.
One method you could use is to have your application monitor the amount of storage consumed by a user . When they want to upload another file, you can check whether their limit has been exceeded. If so, then do not permit the upload.
If their limit has not been exceeded, your application can create a pre-signed URL for uploading a file and, within the policy for that pre-signed URL, specify a maximum file size permitted. Your application would set this size based upon the amount left within their quota.
Please note that all logic regarding the quota will be the responsibility of your application .
See: Uploading Objects Using Presigned URLs - Amazon Simple Storage Service
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.