I have created bucket poc-work from admin account, and under this policy I have set policy like below:
{
"Version": "2012-10-17",
"Id": "Policy1620674317608",
"Statement": [
{
"Sid": "Stmt1321974214233",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::accound-id:user/iam-user"
},
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::poc-work",
"arn:aws:s3:::poc-work/*"
]
}
]
}
I have not attached any aws managed policy like s3readonly to IAM user, but I am under assumption that setting bucket policy should make bucket visible to IAM user. But when IAM user log in and check for s3 service there is error message: You don't have permissions to list buckets
I have below queries:
You are giving the user permission for one bucket, but if the user is going through the console the user needs the ListAllBuckets
permission to see all the buckets that exist in the account. So you do need to add permissions to the IAM user as well--not just the one bucket.
Also see:
The 1st link says:
ListAllMyBuckets is required for seeing the list of buckets via the AWS console. It is a MUST if you plan to use the console for S3 administration. If you don't have this permission you basically won't see any of the buckets in the S3 console despite whatever other permissions you have configured and therefore can't take any action upon them.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.