AWS S3 Security for folders under common bucket

Restricting access to different folders for different IAM accounts under a common Amazon S3 bucket

<bucket>/stage1 ---> with access to IAM user 1
<bucket>/stage2 ---> with access to IAM user 2
<bucket>/stage3 ---> with access to IAM user 3
  1. Create a policy for each IAM user that grants access to that user's folder in the bucket, and attach it to the user. For example, for the IAM user assigned the stage1 folder under the common S3 bucket:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket"
      ],
      "Resource": [
        "arn:aws:s3:::bucket"
      ],
      "Condition": {
        "StringEquals": {
          "s3:prefix": [
            "",
            "stage1/"
          ],
          "s3:delimiter": "/"
        }
      }
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Resource": [
        "arn:aws:s3:::bucket/stage1",
        "arn:aws:s3:::bucket/stage1/*"
      ]
    }
  ]
}

s3:ListBucket is a bucket-level action, so it is granted on the bucket ARN and limited to the folder with the s3:prefix condition; the object actions are granted on the keys under the folder.

{
  "Version": "2012-10-17",
  "Id": "CCCCCPol987878",
  "Statement": [
    {
      "Sid": "Stmt1546414471931",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::ROOTID-1:user/stage1-user"
      },
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::bucket",
      "Condition": {
        "StringEquals": {
          "s3:prefix": [
            "",
            "stage1/"
          ],
          "s3:delimiter": "/"
        }
      }
    },
    {
      "Sid": "Stmt1546414471931Stage2",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::ROOTID-2:user/stage2-user"
      },
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::bucket",
      "Condition": {
        "StringEquals": {
          "s3:prefix": [
            "",
            "stage2/"
          ],
          "s3:delimiter": "/"
        }
      }
    }
  ]
}
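
To see which listing requests the bucket policy above actually permits, here is an added example (not part of the original post) that models its StringEquals conditions in Python. It is a simplified evaluator written for illustration: identity policies and explicit Deny are ignored, and the `stage1/reports/` prefix is a constructed sample value.

```python
# Simplified model of how the page's bucket policy gates s3:ListBucket.
# Assumption: only Allow statements with StringEquals are modelled.
USER1 = "arn:aws:iam::ROOTID-1:user/stage1-user"  # placeholder ARNs from the page
USER2 = "arn:aws:iam::ROOTID-2:user/stage2-user"

def list_statement(principal, folder):
    """One ListBucket statement shaped like those in the page's bucket policy."""
    return {
        "Effect": "Allow",
        "Principal": {"AWS": principal},
        "Action": "s3:ListBucket",
        "Resource": "arn:aws:s3:::bucket",
        "Condition": {"StringEquals": {
            "s3:prefix": ["", folder + "/"],
            "s3:delimiter": "/",
        }},
    }

POLICY = {"Version": "2012-10-17", "Statement": [
    list_statement(USER1, "stage1"),
    list_statement(USER2, "stage2"),
]}

def string_equals(condition, context):
    """Every key must match (AND); any listed value may match (OR).
    A key absent from the request context never matches."""
    for key, allowed in condition.items():
        allowed = [allowed] if isinstance(allowed, str) else allowed
        if context.get(key) not in allowed:
            return False
    return True

def can_list(policy, principal, prefix=None, delimiter=None):
    """True if some Allow statement matches the ListBucket request."""
    context = {k: v for k, v in
               (("s3:prefix", prefix), ("s3:delimiter", delimiter)) if v is not None}
    return any(
        st["Effect"] == "Allow"
        and st["Principal"]["AWS"] == principal
        and st["Action"] == "s3:ListBucket"
        and string_equals(st["Condition"]["StringEquals"], context)
        for st in policy["Statement"]
    )

if __name__ == "__main__":
    for prefix, delim in [("stage1/", "/"), ("", "/"), ("stage2/", "/"),
                          ("stage1/reports/", "/"), ("stage1/", None)]:
        print(repr(prefix), repr(delim), can_list(POLICY, USER1, prefix, delim))
```

The "" entry lets each user list the bucket root, so the names of the sibling top-level folders are visible to them even though the contents are not. Because StringEquals is an exact match, listing a subfolder such as stage1/reports/ is refused unless the condition is changed to StringLike with stage1/*.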

Basavaraj V
