1 Answer
AWS SSO allows you to define inline policies for permission sets (Doc link). My suggestion would be to use an inline policy on that user group's SSO permission set they get assigned leveraging the s3:ListBucket IAM action with the resource list being the buckets that you want to allow.
It's worth noting that you may need to be creative since there's a character limit (I think it's around 10k) which cannot be altered even by AWS.
answered 2 years ago
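The inline policy suggested in the answer above, generated and size-checked in Python as an added example (not code from the answer or from AWS). The bucket names are constructed, `build_list_policy` is a hypothetical helper, and the character limit is an assumption taken from the answer's estimate.

```python
import json
import re

# Assumption: the answer's estimate of roughly 10k characters; confirm the
# current quota for your account before relying on it.
ASSUMED_CHAR_LIMIT = 10_240

# Basic S3 bucket-name shape (3-63 chars; lowercase letters, digits, dots, hyphens).
_BUCKET_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")


def build_list_policy(buckets, limit=ASSUMED_CHAR_LIMIT):
    """Return (policy_json, chars_left) for an s3:ListBucket inline policy."""
    names = sorted(set(buckets))  # dedupe so repeats do not waste characters
    if not names:
        raise ValueError("at least one bucket is required")
    bad = [n for n in names if not _BUCKET_RE.match(n)]
    if bad:
        # Rejects wildcards and typos that would silently widen or break the policy.
        raise ValueError(f"invalid bucket names: {bad}")
    policy = {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ListAllowedBuckets",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            # s3:ListBucket is evaluated against the bucket ARN, not object ARNs.
            "Resource": [f"arn:aws:s3:::{n}" for n in names],
        }],
    }
    # Compact separators keep the document as short as possible.
    text = json.dumps(policy, separators=(",", ":"))
    if len(text) > limit:
        raise ValueError(f"policy is {len(text)} chars, over the {limit} limit")
    return text, limit - len(text)


if __name__ == "__main__":
    # Constructed sample bucket names.
    doc, left = build_list_policy(["team-a-reports", "team-a-logs", "team-a-reports"])
    print(doc)
    print("characters left:", left)
```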
Thank you @carlo-mencarelli. However, unless I do not understand, the s3:ListBucket permission does not filter the list of buckets the user sees. Do you have a working configuration in which you have a, b, c buckets in accounts but aws s3 ls shows only c using s3:ListBucket?
Regards, Alon