How to configure IAM policy for giving the access only to specific s3 bucket

We can give or restrict different permissions over s3 bucket using default IAM policies. But this is applicable for the whole list of s3 buckets in the account.

There are certain cases where we need to give the permissions to specific s3 bucket only.

In such a situation we can create a new IAM policy as follows.

{
    "Version":"2012-10-17",
    "Statement":[
        {
            "Effect":"Allow",
            "Action":[
            "s3:ListBucket"
        ],
        "Resource":"arn:aws:s3:::BUCKET-NAME"
    },
    {
        "Effect":"Allow",
        "Action":[
            "s3:PutObject",
            "s3:GetObject"
        ],
        "Resource":"arn:aws:s3:::BUCKET-NAME/*"
        }
    ]
}

Here we need to replace BUCKET-NAME with the corresponding value.

In this case the user have access to this particular bucket only and rest all buckets are restricted.

That's all…

Leave a Reply

Your email address will not be published. Required fields are marked *