
Uly.me

cloud engineer


Restrict Bucket To Users

June 23, 2018 by Ulysses

How to restrict an S3 bucket to a certain group of users. Edit the bucket policy and add the following.

{
    "Version": "2012-10-17",
    "Id": "bucketPolicy",
    "Statement": [
        {
            "Effect": "Deny",
            "NotPrincipal": {
                "AWS": [
                    "arn:aws:iam::xxxxxxxxxx:user/username",
                    "arn:aws:iam::xxxxxxxxxx:root"
                ]
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::bucketname",
                "arn:aws:s3:::bucketname/*"
            ]
        }
    ]
}


Replace xxxxxxxxxx with your AWS account number.
Replace bucketname with your S3 bucket.
Replace username with your IAM user.
Root is your AWS root account.
Accounts must be valid.
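
Before applying a policy like this, it is worth linting it locally. The Python check below is an added example, not part of the original post: it rejects a repeated "AWS" key (which most JSON parsers silently collapse to the last value, dropping a principal), and confirms that every user exempted by a Deny + NotPrincipal statement is listed together with its account :root ARN and that Resource covers both the bucket and its objects. The function names, the account ID 111122223333 and the sample policies are constructed for illustration.

```python
import json

def _reject_duplicates(pairs):
    # json.loads silently keeps the last value of a repeated key, so a second
    # "AWS" entry would erase the first principal. Fail loudly instead.
    keys = [k for k, _ in pairs]
    dupes = sorted({k for k in keys if keys.count(k) > 1})
    if dupes:
        raise ValueError(f"duplicate key(s) {dupes}")
    return dict(pairs)

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account(arn):
    parts = arn.split(":")  # arn:aws:iam::<account>:<resource>
    return parts[4] if len(parts) > 5 else None

def lint_bucket_policy(text):
    """Return findings for the Deny + NotPrincipal statements in a policy."""
    try:
        policy = json.loads(text, object_pairs_hook=_reject_duplicates)
    except ValueError as exc:  # JSONDecodeError is a ValueError too
        return [f"invalid policy JSON: {exc}"]
    findings = []
    for i, st in enumerate(_as_list(policy.get("Statement", []))):
        if st.get("Effect") != "Deny" or "NotPrincipal" not in st:
            continue
        np = st["NotPrincipal"]
        arns = _as_list(np.get("AWS", [])) if isinstance(np, dict) else []
        roots = {_account(a) for a in arns if a.endswith(":root")}
        for arn in arns:
            if not arn.endswith(":root") and _account(arn) not in roots:
                findings.append(f"statement {i}: {arn} listed without its account :root ARN")
        res = _as_list(st.get("Resource", []))
        objects = [r for r in res if r.endswith("/*")]
        if not objects or len(objects) == len(res):
            findings.append(f"statement {i}: Resource should name the bucket and bucket/*")
    return findings

# Constructed samples: account ID, user and bucket are placeholders.
U, R = "arn:aws:iam::111122223333:user/username", "arn:aws:iam::111122223333:root"
TEMPLATE = ('{"Version": "2012-10-17", "Statement": [{"Effect": "Deny", '
            '"NotPrincipal": {%s}, "Action": "s3:*", "Resource": '
            '["arn:aws:s3:::bucketname", "arn:aws:s3:::bucketname/*"]}]}')
GOOD = TEMPLATE % f'"AWS": ["{U}", "{R}"]'
DUPLICATED = TEMPLATE % f'"AWS": "{U}", "AWS": "{R}"'  # the pitfall: repeated key
```

An empty list from `lint_bucket_policy` means none of these three problems was found; it does not replace AWS's own validation when the policy is saved.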

Filed Under: Cloud


Copyright © 2022