This is effectively a condensed version of Amazon’s documentation for how to give specific IAM users and groups access to specific buckets. Your first step is to create an s3 bucket, 1 IAM group, and at least 2 IAM users:
- Here’s how to create an s3 bucket.
- Here’s how to create IAM groups.
- Here’s how to create IAM users.
Now that we have the s3 bucket, IAM group, and IAM users, we’re ready to add permissions. We only need to add permissions to the group and to the users.
Add the following json permissions to the IAM group, replacing “BUCKET_NAME” with your bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowGroupToSeeBucketListAndAlsoAllowGetBucketLocationRequiredForListBucket",
"Action": [
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::*"
]
},
{
"Sid": "AllowRootLevelListingOfCompanyBucket",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::BUCKET_NAME"
],
"Condition": {
"StringEquals": {
"s3:prefix": [
""
],
"s3:delimiter": [
"/"
]
}
}
}
]
}Add the following json permissions to the IAM users, replacing “BUCKET_NAME” with your bucket:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowListBucketIfSpecificPrefixIsIncludedInRequest",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::BUCKET_NAME"
]
}
]
}If you want to grant the IAM users access to a sub-bucket, then do the following, replacing “BUCKET_NAME” and “SUB_BUCKET_NAME” with the respective bucket names:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowListBucketIfSpecificPrefixIsIncludedInRequest",
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": [
"arn:aws:s3:::BUCKET_NAME"
],
"Condition": {
"StringLike": {
"s3:prefix": [
"SUB_BUCKET/*"
]
}
}
}
]
}That’s it!
From Toby’s Blog
- Fortify Your WordPress Site: Essential Security StepsSecuring your WordPress site is a critical component of maintaining your online presence and safeguarding your data. Security is no longer a luxury, it has become a necessity in today’s digital world, where threats are lurking at every corner. This piece dives deep into WordPress security basics, giving you a comprehensive understanding of common vulnerabilities…
- Master Your Site: Customizing WordPress ThemesJust as a house is more than bricks and mortar, a WordPress site is much more than simple code. It’s a cohesive structure built with various layers such as PHP, HTML, CSS, and other key elements. Customizing WordPress themes involves gaining an in-depth understanding of this structure, learning to inspect and adjust design elements with…
- Mastering WordPress Basics for Beginners within HoursWelcome to the world of WordPress, a widely used Content Management System (CMS) that powers millions of websites worldwide. Being immensely flexible and user-friendly, WordPress offers an endless scope to create, manage, and customize your website according to your needs and preferences. In this segment, we attempt to introduce you to the basics of WordPress,…
More posts from themightymo.com
How to optimize your Google Crawl Budget using SEM Rush Log File Analyzer and Rank Math SEO
Today I ran the SEM Rush Log File Analyzer tool, and it showed some interesting things that are a complete waste of our Google Crawl Budget. Specifically, I learned that Google is wasting some of our crawl budget on the /wp-includes/ directory, certain plugin directories, and cache directories. I also noticed random files being crawled…
Where is the Google Analytics Measurement ID?
In the vast, evolving world of web development and analytics, keeping up with terminologies and tools can sometimes feel like trying to chase a mischievous cat in a maze. You think you’ve got a grip, only for it to slip right through your fingers! Enter the mysterious “Measurement ID” from Google Analytics 4 (GA4), a…
How to Convert .aiff to .mp3 files via Command Line
Yesterday I ran into an issue where I needed to convert .aiff files to .mp3. DBPowerAmp was recommended to me as a paid GUI tool. But I wanted something more lightweight, since this is a task I rarely need to do (most of the time, I’m already in Logic Pro, and exporting is simple there).…
From Toby’s Blog
- Fortify Your WordPress Site: Essential Security StepsSecuring your WordPress site is a critical component of maintaining your online presence and safeguarding your data. Security is no longer a luxury, it has become a necessity in today’s digital world, where threats are lurking at every corner. This piece dives deep into WordPress security basics, giving you a comprehensive understanding of common vulnerabilities…
- Master Your Site: Customizing WordPress ThemesJust as a house is more than bricks and mortar, a WordPress site is much more than simple code. It’s a cohesive structure built with various layers such as PHP, HTML, CSS, and other key elements. Customizing WordPress themes involves gaining an in-depth understanding of this structure, learning to inspect and adjust design elements with…
- Mastering WordPress Basics for Beginners within HoursWelcome to the world of WordPress, a widely used Content Management System (CMS) that powers millions of websites worldwide. Being immensely flexible and user-friendly, WordPress offers an endless scope to create, manage, and customize your website according to your needs and preferences. In this segment, we attempt to introduce you to the basics of WordPress,…