Difference between revisions of "AWS S3 policies"

• https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html

• API reference: https://docs.aws.amazon.com/AmazonS3/latest/API/API_Operations_Amazon_Simple_Storage_Service.html

s3:[edit]

s3:, s3:ListBucket, s3:ListAllMyBuckets, s3:PutObject, s3:PutObjectAcl, s3:GetObject, s3:GetObjectAcl [1], s3:GetBucketPolicy, s3:PutBucketPolicy, s3:DeleteObject, s3:ReplicateObject, s3:ReplicateDelete, s3:ReplicateTags

Official example[edit]

{
    "Version": "2012-10-17",
    "Id": "ExamplePolicy01",
    "Statement": [
        {
            "Sid": "ExampleStatement01",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::123456789012:user/Dave"
            },
            "Action": [
                "s3:GetObject",
                "s3:GetBucketLocation",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::awsexamplebucket1/*",
                "arn:aws:s3:::awsexamplebucket1"
            ]
        }
    ]
}

Errors[edit]

• An error occurred (AccessDenied) when calling the DeleteObject operation: Access Denied

Activities[edit]

• S3 read-write access to a certain bucket
• How do I troubleshoot the error "You don't have permissions to edit bucket policy" when I try to modify a bucket policy in Amazon S3?

See also[edit]

• AWS S3 policies: s3:, S3 read-write access to a certain bucket, s3:ListBucket, s3:ListAllMyBuckets