[英]Deny permission to specific user of specific folder inside S3 bucket
在AWS S3中,我有一个名为“ Environments”的存储桶,在该存储桶中有4个分别名为“ sandbox”,“ staging”,“ prod1”和“ prod2”的文件夹,并且整个存储桶的权限为“ public”。
现在,我想限制一个名为“ developer”的AWS用户将任何内容写入“ prod1”和“ prod2”文件夹,但它可以查看它们。
请帮助我
创建以下策略并附加到用户开发人员
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::Environments",
"arn:aws:s3:::Environments/sandbox/*",
"arn:aws:s3:::Environments/staging/*",
]
}
]
}
此策略允许对文件夹沙箱和暂存具有完全权限,但将另一个文件夹限制为用户开发人员
授予 IAM 用户访问 AWS S3 中存储桶特定文件夹的权限
[英]Giving an IAM user, permission to a specific folder of a bucket in AWS S3
如何授予外部AWS IAM用户访问特定S3存储桶文件夹的权限
[英]How to give external AWS IAM user access to specific S3 Bucket folder
除了访问 S3 存储桶中的私有文件夹之外的所有用户都拒绝访问
[英]Deny access to all users except one to access private-folder inside S3 bucket
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.