Difference between revisions of "S3: API reference"
Jump to navigation
Jump to search
Line 5: | Line 5: | ||
[[s3:PutObject]] | [[s3:PutObject]] | ||
[[s3:GetObject]] | [[s3:GetObject]] | ||
+ | |||
+ | [[s3:GetBucketPolicy]] | ||
+ | [[s3:PutBucketPolicy]] | ||
== Examples == | == Examples == |
Revision as of 11:24, 8 June 2023
s3:ListBucket s3:ListAllMyBuckets s3:PutObject s3:GetObject
s3:GetBucketPolicy s3:PutBucketPolicy
Examples
resource "aws_s3_bucket" "example" { bucket = "my-tf-test-bucket" } resource "aws_s3_bucket_policy" "allow_access_from_another_account" { bucket = aws_s3_bucket.example.id policy = data.aws_iam_policy_document.allow_access_from_another_account.json } data "aws_iam_policy_document" "allow_access_from_another_account" { statement { principals { type = "AWS" identifiers = ["123456789012"] } actions = [ "s3:GetObject", "s3:ListBucket", ] resources = [ aws_s3_bucket.example.arn, "${aws_s3_bucket.example.arn}/*", ] } }
See also
- SCP
- AWS managed policies:
ReadOnlyAccess, ViewOnlyAccess, AdministratorAccess, SecurityAudit, ViewBilling, AmazonEKSClusterPolicy
, List of AWS policies - AWS policies: managed policies, Job functions, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies,
"Resource":
, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess
Advertising: