stackoom
  简体   繁体   中英

IAM User S3 permission and Bucket permission in S3 which one will execute first?

 原文  2019-09-22 10:53:02       amazon-web-services/ amazon-s3/ amazon-iam

Question

I have an IAM user and i have given S3 full access to specific user, also i am giving some access permissions in S3 bucket separately, i want to know which one will execute first. either it will give full access to my user according to IAM or it will work according to the S3 permission

1 answers

solution1
 0  2019-09-23 06:43:06

It will use both of the permissions.

First, any Deny permissions will be evaluated (on the IAM User, any IAM Group they belong to, and in the Bucket Policy). If the request matches a Deny policy, then the request is denied.

Next, all Allow permissions are evaluated. If the request matches an Allow policy, then the request is allowed.

So, in the absence of any Deny policies, a request will be permitted as long as any permission grants the access.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Permission denied for IAM policy to S3 bucket Giving an IAM user, permission to a specific folder of a bucket in AWS S3 IAM User Permission issue with AWS S3 How can I set up Amazon S3 bucket permission to an IAM user? Grant access to Amazon S3 bucket only to one IAM User AWS S3 - Assign limited permission to bucket & create IAM who can access that bucket only How to give permission to a federated user in boto to an s3 bucket? AWS Root User Permission Denied on S3 Bucket policy Deny permission to specific user of specific folder inside S3 bucket Amazon S3 IAM User can' access S3 bucket
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM