[英]How to give external AWS IAM user access to specific S3 Bucket folder
我需要授予外部用戶訪問單個Amazon S3存儲桶文件夾的權限。 我有他們的ARN信息,但在授予訪問權限時遇到問題。
{
"Version": "2012-10-17",
"Id": "S3AccessPolicy",
"Statement": [
{
"Sid": "TestAccess",
"Effect": "Allow",
"Principal": {
"AWS": "<external ARN>"
},
"Action": [
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::rootlevelbucket",
"arn:aws:s3:::rootlevelbucket/specificfolder/*"
]
}
]
}
有兩個方面可以跨帳戶訪問。 您具有存儲桶策略的第一部分,但是外部帳戶的管理員需要使用以下IAM策略向用戶授予對S3的訪問權限。 您可以在IAM策略上使用s3:*,因為存儲桶策略將僅限於您列出的命令。
外部用戶的IAM策略:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "RootlevelbucketAccess",
"Effect": "Allow",
"Action": [
"s3:*"
],
"Resource": [
"arn:aws:s3:::rootlevelbucket",
"arn:aws:s3:::rootlevelbucket/specificfolder/*"
]
}
]
}
授予 IAM 用戶訪問 AWS S3 中存儲桶特定文件夾的權限
[英]Giving an IAM user, permission to a specific folder of a bucket in AWS S3
AWS:允許訪問IAM應用程序用戶到特定的S3存儲桶
[英]AWS:Allowing Access to an IAM application user to a specific S3 bucket
AWS:s3 存儲桶策略不授予 IAM 用戶上傳到存儲桶的權限,引發 403 錯誤
[英]AWS: s3 bucket policy does not give IAM user access to upload to bucket, throws 403 error
如何將駐留在賬戶 A 中的 s3 存儲桶的訪問權限授予來自多個 aws 賬戶的不同 iam 用戶?
[英]How to give access of s3 bucket residing in Account A to different iam users from multiple aws accounts?
允許用戶訪問特定 S3 存儲桶以進行備份的 AWS IAM 策略
[英]AWS IAM Policy to allow user access to specific S3 bucket for backup
如何使用 IAM 策略 AWS 僅向根賬戶用戶授予對 S3 存儲桶的訪問權限?
[英]How to grant access only to the Root Account User for an S3 bucket with IAM Policy AWS?
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.