Skip to content

Instantly share code, notes, and snippets.

@sr9yar
Forked from woganmay/iam-policy.json
Last active June 17, 2020 09:44
Show Gist options
  • Save sr9yar/a05e278a6dddbaa66da004bbe021b2b4 to your computer and use it in GitHub Desktop.
Save sr9yar/a05e278a6dddbaa66da004bbe021b2b4 to your computer and use it in GitHub Desktop.
IAM policy to grant a user narrow access to one S3 bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:ListBucket",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::bucket-name"
]
},
{
"Effect": "Allow",
"Principal": "*",
"Action": [
"s3:PutObject",
"s3:PutObjectAcl",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::bucket-name/*"
]
}
]
}
@sr9yar
Copy link
Author

sr9yar commented Oct 10, 2018

An update based on

https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-bucket-user-policy-specifying-principal-intro.html
https://stackoverflow.com/a/47708780/3298637

Another principal format example:

"Principal": {
	"AWS": "arn:aws:iam::134567890134:root"
}

@perevodchegg
Copy link

It worked!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment