TECHIES WORLD

For Techs.... Techniques.... Technologies....

AWS

How to configure IAM policy for giving the full access to specific S3 bucket

We can give or restrict different permissions over S3 buckets using default IAM policies. But this is applicable for the whole list of S3 buckets in the AWS account.

There are certain cases where we need to give the read and write permissions only to specific S3 bucket.

In such a situation we can create a new IAM policy as follows.

{
    "Version":"2012-10-17",
    "Statement":[
    {
        "Effect":"Allow",
        "Action": "s3:ListAllMyBuckets",
        "Resource":"arn:aws:s3:::*"
    },
    {
        "Effect":"Allow",
        "Action":["s3:ListBucket","s3:GetBucketLocation"],
        "Resource":"arn:aws:s3:::BUCKET-NAME"
    },
    {
        "Effect":"Allow",
            "Action":[
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:GetObject",
            "s3:GetObjectAcl",
            "s3:DeleteObject"
        ],
            "Resource":"arn:aws:s3:::BUCKET-NAME/*"
    }
    ]
}

Here we need to replace BUCKET-NAME with the corresponding value.

In this case the user have full access to this particular bucket only and rest all buckets are restricted as read only.

That's all…