• HValentino
    0
    Hi Guys, how do I limit the access for IAM user only can see 1 bucket instead of all of the bucket that we have on the account? thank you!
  • Matt
    91
    Here's an example of a policy that should allow you to restrict bucket visibility:
    {
        "Version": "2012-10-17",
    "Statement": [
    {
    "Effect": "Allow",
    "Action": [
    "s3:ListBucket",
    "s3:GetBucketLocation",
    "s3:ListBucketMultipartUploads"
    ],
    "Resource": "arn:aws:s3:::mybucket",
    "Condition": {}
    },
    {
    "Effect": "Allow",
    "Action": [
    "s3:AbortMultipartUpload",
    "s3:DeleteObject",
    "s3:DeleteObjectVersion",
    "s3:GetObject",
    "s3:GetObjectAcl",
    "s3:GetObjectVersion",
    "s3:GetObjectVersionAcl",
    "s3:PutObject",
    "s3:PutObjectAcl",
    "s3:PutObjectVersionAcl"
    ],
    "Resource": "arn:aws:s3:::mybucket/*",
    "Condition": {}
    },
    {
    "Effect": "Allow",
    "Action": "s3:ListAllMyBuckets",
    "Resource": "*",
    "Condition": {}
    }
    ]
    }
    
  • HValentino
    0
    Thank you for this! but actually I found the solutions, thanks again!
bold
italic
underline
strike
code
quote
ulist
image
url
mention
reveal
youtube
tweet
Add a Comment

Welcome to MSP360 (CloudBerry) Forum!

Thank you for visiting! Please take a moment to register so that you can participate in the discussions!