Hi I am trying to implement the best practices when it comes to our backups and wanted to ensure that my AWS user only have access to the buckets they need to and have the minimum permissions.
My user has the following policy linked to it but I get an access denied, can anyone tell me what permissions I am missing?
Policy
{
“Version”: “2012-10-17”,
“Statement”: [
{
“Effect”: “Allow”,
“Action”: [
“s3:ListBucket”,
“s3:GetBucketAcl”,
“s3:GetBucketVersioning”,
“s3:GetBucketRequestPayment”,
“s3:GetBucketLocation”,
“s3:GetBucketPolicy”
],
“Resource”: [
“arn:aws:s3:::Bucket1”,
“arn:aws:s3:::Bucket2”,
“arn:aws:s3:::Bucket3”
],
“Condition”: {}
},
{
“Effect”: “Allow”,
“Action”: [
“s3:GetObject”,
“s3:DeleteObject”,
“s3:DeleteObjectVersion”,
“s3:GetObjectAcl”,
“s3:GetObjectVersion”,
“s3:GetObjectVersionAcl”,
“s3:PutObject”,
“s3:PutObjectAcl”,
“s3:PutObjectVersionAcl”
],
“Resource”: [
“arn:aws:s3:::Bucket1/",
"arn:aws:s3:::Bucket2/”,
“arn:aws:s3:::Bucket3/"
],
“Condition”: {}
},
{
“Effect”: “Allow”,
“Action”: “s3:ListAllMyBuckets”,
“Resource”: "”,
“Condition”: {}
}
]
}