Skip to main content

AWS - IAM Permissions - Setup permissions for one user to access only one S3 bucket

While using Amazon's AWS system, we needed to give access to one S3 bucket. Todo so, we ended up using Amazon's IAM. Once we created the user in the AWS system, we created the following policy to allow this new user to only be able to read/write to their bucket:

{
  "Statement": [
    {
      "Sid": "Stmt1358366218054",
      "Action": [
        "s3:*"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::BUCKET_NAME",
        "arn:aws:s3:::BUCKET_NAME"
      ]
    },
    {
      "Sid": "Stmt1358366218052",
      "Action": "s3:ListAllMyBuckets",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::*"
    }
  ]
}

This policy will allow the user to view all of your buckets, but they will only be able to read/write files within the bucket named 'BUCKET_NAME'.


Comments