- Create a IAM policy called
s3-admin-nexus-s3-bucket. It will be used later.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::nexus-s3-bucket-test/",
"arn:aws:s3:::nexus-s3-bucket-test"
]
}
]
}-
Create a user with programmatic access called
test-s3and apply the following policy to it. -
Download and configure credentials with
aws configure. -
Create a bucket
nexus-s3-bucket-test. -
Apply the following policy to bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Private bucket for test-s3 user",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::<copy-your-id-here>:user/test-s3"
},
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject",
"s3:PutObjectAcl"
],
"Resource": "arn:aws:s3:::nexus-s3-bucket-test/*"
}
]
}- List specific bucket on terminal with:
aws s3 ls s3://nexus-s3-bucket-testAny diferent name for bucket will give permission denied error.
- Copy a local file to bucket:
aws s3 cp index.html s3://nexus-s3-bucket-test
$ aws s3 ls s3://nexus-s3-bucket-test
2019-08-02 21:33:04 5 index.html6.5 (Optional) let file as public read
aws s3api put-object-acl --bucket nexus-s3-bucket-test --key index.html --acl public-read
curl https://nexus-s3-bucket-test.s3.amazonaws.com/index.html- Go to IAM, in order to create a role
s3-admin-nexus-s3and apply thes3-admin-nexus-s3-bucketpolicy. - Go to web console, select desired instance, menu
Actions->Instance Settings->Attach/Replace IAM Role. - Select the
s3-admin-nexus-s3on the list, then click Apply. - Connect to instance and list bucket objects:
aws s3 ls s3://nexus-s3-bucket-test