AWS S3 bucket default storage class
Question
I've been trying to change default storage class in one of my buckets to glacier for one user using IAM policy but unfortunately it does not work. Can someone tell me what i am doing wrong? Every uploaded file still use Standard storage class.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "statement1",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::$MY_ACCOUNT_ID:user/backup"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::private-backup/*",
"Condition": {
"StringEquals": {
"s3:x-amz-storage-class": "GLACIER"
}
}
}
]
}
1 answers
solution1
0 2021-04-05 10:48:35
If your users or bucket has other policies that allow such uploads, you have to use explicit deny in your policy, not allow:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "statement1",
"Effect": "Deny",
"Principal": {
"AWS": "arn:aws:iam::$MY_ACCOUNT_ID:user/backup"
},
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::private-backup/*",
"Condition": {
"StringNotEquals": {
"s3:x-amz-storage-class": "GLACIER"
}
}
}
]
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
AWS S3 Bucket Notifications when object changes storage class?
AWS Amplify Storage permissions, S3 bucket
How to change Default Storage Class on AWS S3
Change S3 Bucket Storage class to S3 Infrequent Access
List all objects in AWS S3 bucket with their storage class using Boto3 Python
Migrating GCP Object storage data to AWS S3 Bucket
Error on copying AWS s3 bucket to Azure Storage using AZCopy
How to make all Objects in AWS S3 bucket public by default?
How to specify default encryption for s3 bucket using aws cli?
Listing S3 bucket objects with specific storage class
Related Tags