Go to Qiita Advent Calendar 2024 Top
LoginSignup
1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 1 year has passed since last update.

@katzueno(Katz Ueno)

特定の S3 1バケットしかアクセスできない IAM ポリシー

Posted at

特定の1個の S3 しかアクセスできない、IAM ポリシーです。
主に IAM ユーザーなんかに
よく忘れちゃうので、自身の Qiita に書き残す

以下の【バケット名】部分を希望する S3 バケットに設定しましょう。

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:ListAllMyBuckets"
            ],
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::【バケット名】",
                "arn:aws:s3:::【バケット名】/*"
            ]
        }
    ]
}

最初の"s3:GetBucketLocation","s3:ListAllMyBuckets" の権限は、S3 の中身
バケットリスト一覧が見えるようになります。(エラーはでますが)

以上

1
1
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
1
1

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?