Skip to content

Instantly share code, notes, and snippets.

@woganmay
Created January 3, 2017 23:48
Show Gist options
  • Save woganmay/fb6e99472586ff06e0531ee6282d3b06 to your computer and use it in GitHub Desktop.
Save woganmay/fb6e99472586ff06e0531ee6282d3b06 to your computer and use it in GitHub Desktop.
IAM policy to grant a user narrow access to one S3 bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::bucket-name"
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:DeleteObject"
],
"Resource": [
"arn:aws:s3:::bucket-name/*"
]
}
]
}
@rbrisita
Copy link

As of 2018-07-16, the policy summary will complain about having "s3:ListAllMyBuckets" when the resource does not have an '*'. I deleted it from the JSON policy to satisfy the summary.

@morariu
Copy link

morariu commented Oct 5, 2018

I was trying this policy but getting a "Missing required field Principal" error.

@sr9yar
Copy link

sr9yar commented Oct 10, 2018

I was trying this policy but getting a "Missing required field Principal" error.

Check this out: https://gist.github.com/sr9yar/a05e278a6dddbaa66da004bbe021b2b4
Worked for me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment