IAM POLICY S3
s3 limited access on specific buckets
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::your-s3-bucket",
"arn:aws:s3:::your-s3-bucket/*"
]
}
]
}
s3 full access on all buckets
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:*",
"s3-object-lambda:*"
],
"Resource": "*"
}
]
}s3 full access on specific buckets
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:*",
"Resource": "arn:aws:s3:::s3-explorer-ui/*"
}
]
}Full acccess (except delete) on specific bucket
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObjectVersionTagging",
"s3:GetStorageLensConfigurationTagging",
"s3:GetObjectAcl",
"s3:GetBucketObjectLockConfiguration",
"s3:GetIntelligentTieringConfiguration",
"s3:GetStorageLensGroup",
"s3:GetAccessGrantsInstanceForPrefix",
"s3:GetObjectVersionAcl",
"s3:GetBucketPolicyStatus",
"s3:GetAccessGrantsLocation",
"s3:GetObjectRetention",
"s3:GetBucketWebsite",
"s3:GetJobTagging",
"s3:GetMultiRegionAccessPoint",
"s3:GetObjectAttributes",
"s3:GetAccessGrantsInstanceResourcePolicy",
"s3:GetObjectLegalHold",
"s3:GetBucketNotification",
"s3:DescribeMultiRegionAccessPointOperation",
"s3:GetReplicationConfiguration",
"s3:ListMultipartUploadParts",
"s3:PutObject",
"s3:GetObject",
"s3:DescribeJob",
"s3:GetAnalyticsConfiguration",
"s3:GetObjectVersionForReplication",
"s3:GetAccessPointForObjectLambda",
"s3:GetStorageLensDashboard",
"s3:GetLifecycleConfiguration",
"s3:GetInventoryConfiguration",
"s3:GetBucketTagging",
"s3:GetAccessPointPolicyForObjectLambda",
"s3:GetBucketLogging",
"s3:ListBucketVersions",
"s3:GetAccessGrant",
"s3:ListBucket",
"s3:GetAccelerateConfiguration",
"s3:GetObjectVersionAttributes",
"s3:GetBucketPolicy",
"s3:ListTagsForResource",
"s3:GetEncryptionConfiguration",
"s3:GetObjectVersionTorrent",
"s3:GetBucketRequestPayment",
"s3:ListAccessGrants",
"s3:GetAccessPointPolicyStatus",
"s3:GetAccessGrantsInstance",
"s3:GetObjectTagging",
"s3:GetMetricsConfiguration",
"s3:GetBucketOwnershipControls",
"s3:GetBucketPublicAccessBlock",
"s3:GetMultiRegionAccessPointPolicyStatus",
"s3:ListBucketMultipartUploads",
"s3:GetMultiRegionAccessPointPolicy",
"s3:GetAccessPointPolicyStatusForObjectLambda",
"s3:GetDataAccess",
"s3:GetBucketVersioning",
"s3:GetBucketAcl",
"s3:GetAccessPointConfigurationForObjectLambda",
"s3:ListAccessGrantsLocations",
"s3:GetObjectTorrent",
"s3:GetMultiRegionAccessPointRoutes",
"s3:GetStorageLensConfiguration",
"s3:GetBucketCORS",
"s3:GetBucketLocation",
"s3:GetAccessPointPolicy",
"s3:GetObjectVersion",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::only-put-get/*",
"arn:aws:s3:::only-put-get"
]
}
]
}