Uly.me

cloud engineer

Restrict Bucket To Users

June 23, 2018

How to restrict an S3 bucket to a certain group of users: edit the bucket policy and add the following.

{
    "Version": "2012-10-17",
    "Id": "bucketPolicy",
    "Statement": [
        {
            "Effect": "Deny",
            "NotPrincipal": {
                "AWS": [
                    "arn:aws:iam::xxxxxxxxxx:user/username",
                    "arn:aws:iam::xxxxxxxxxx:root"
                ]
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}

Replace xxxxxxxxxx with your AWS account number.
Replace bucketname with your S3 bucket.
Replace username with your IAM user.
Root is your AWS root account.
Accounts must be valid.
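
A Deny with NotPrincipal blocks every caller that is not listed, so a principal that silently drops out of the list is locked out of the bucket. The check below is an added example, not part of the original post: it shows that Python's default JSON parser keeps only the last value when the "AWS" key is repeated, and lints a policy for the principals you expect to stay exempt. The account ID 111122223333 and all function names are assumptions made for the illustration.

```python
import json

ACCOUNT = "111122223333"  # constructed placeholder account ID
USER_ARN = f"arn:aws:iam::{ACCOUNT}:user/username"
ROOT_ARN = f"arn:aws:iam::{ACCOUNT}:root"

def _policy(not_principal_body):
    """Build the page's Deny statement around a NotPrincipal body (sample input)."""
    return ('{"Version": "2012-10-17", "Statement": [{"Effect": "Deny", '
            '"NotPrincipal": {' + not_principal_body + '}, "Action": "s3:*", '
            '"Resource": ["arn:aws:s3:::bucketname", "arn:aws:s3:::bucketname/*"]}]}')

# Constructed samples: the same two principals, as repeated keys and as a list.
DUPLICATE_KEYS = _policy(f'"AWS": "{USER_ARN}", "AWS": "{ROOT_ARN}"')
LIST_FORM = _policy(f'"AWS": ["{USER_ARN}", "{ROOT_ARN}"]')

def _reject_duplicates(pairs):
    """object_pairs_hook that fails on repeated keys instead of keeping the last."""
    seen = {}
    for key, value in pairs:
        if key in seen:
            raise ValueError(f"duplicate key in policy: {key!r}")
        seen[key] = value
    return seen

def load_policy_strict(text):
    return json.loads(text, object_pairs_hook=_reject_duplicates)

def exempt_principals(policy):
    """ARNs that the Deny + NotPrincipal statements leave out of the deny."""
    exempt = set()
    for stmt in policy["Statement"]:
        if stmt.get("Effect") == "Deny" and "NotPrincipal" in stmt:
            arns = stmt["NotPrincipal"].get("AWS", [])
            exempt.update([arns] if isinstance(arns, str) else arns)
    return exempt

def lint(text, required):
    """Return the required ARNs missing from the exemption list (empty set = OK)."""
    return set(required) - exempt_principals(load_policy_strict(text))

if __name__ == "__main__":
    lenient = json.loads(DUPLICATE_KEYS)  # default parser: last "AWS" wins
    print("lenient parse exempts:", sorted(exempt_principals(lenient)))
    print("list form missing:", lint(LIST_FORM, [USER_ARN, ROOT_ARN]))
    try:
        lint(DUPLICATE_KEYS, [USER_ARN, ROOT_ARN])
    except ValueError as err:
        print("strict parse:", err)
```

Run the lint against the policy file before applying it, passing the ARNs that must keep access as `required`.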

Filed Under: Cloud
