Skip to content

Instantly share code, notes, and snippets.

@billyteves
Forked from koladilip/policy.json
Created August 13, 2018 05:48
Show Gist options
  • Save billyteves/5644ebf94ff5e819035a07406c37c7ca to your computer and use it in GitHub Desktop.
Save billyteves/5644ebf94ff5e819035a07406c37c7ca to your computer and use it in GitHub Desktop.
Cognito Identity Pool Authenticated Role Policy to Upload to S3 bucket
{
"Version": "2012–10–17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "s3:ListBucket",
"Resource": "arn:aws:s3:::<bucket-name>",
"Condition": {
"StringLike": {
"s3:prefix": "*/${cognito-identity.amazonaws.com:sub}*"
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:PutObject",
"Resource": "arn:aws:s3:::<bucket-name>/*/${cognito-identity.amazonaws.com:sub}/*"
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::<bucket-name>/*/${cognito-identity.amazonaws.com:sub}/*"
},
{
"Sid": "VisualEditor3",
"Effect": "Allow",
"Action": "s3:DeleteObject",
"Resource": "arn:aws:s3:::<bucket-name>/*/${cognito-identity.amazonaws.com:sub}/*"
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment