Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Storage Lens Permission How to

1

Hi everyone,

Per the help doc, I've setup an IAM user with the purpose of assigning them Storage Lens permissions. https://github.com/awsdocs/amazon-s3-developer-guide/blob/master/doc_source/storage_lens_iam_permissions.md#storage_lens_iam_permissions_account

However in the console, I can't see any of the permissions mentioned. I only see policies. Policies List

So are their policies that cover the permissions listed in the article, or do I need to add permissions from somewhere else?

Your help is much appreciated.

Temas
AlmacenamientoSeguridad, identidad y cumplimiento
Etiquetas
Amazon Simple Storage ServicePolíticas de IAM
Idioma
English
Outbound
preguntada hace 9 meses501 visualizaciones
2 Respuestas
4
Respuesta aceptada

Hi,

You'd need to create an IAM policy first with the permissions listed in the mentioned document

  1. Go to IAM Policy console
  2. Click Create policy
  3. Click JSON tab at top right OR you can do through Visual as well by selecting those actions one by one
  4. Add those actions which are mentioned in the doc, to Action part of the policy
  5. Click Next
  6. Give this policy a name

Here is how JSON document would look like for the policy if I include all the actions as listed under section Setting account permissions to use S3 Storage Lens in the above mentioned document. You can add/remove actions based on your requirement and add resource arn instead of '*':

 {
 	     "Version": "2012-10-17",
 	     "Statement": [
      		{
	     	     "Sid": "VisualEditor0",
		     "Effect": "Allow",
		     "Action": [
			     "s3:ListStorageLensConfigurations",
			     "s3:GetStorageLensConfiguration",
			     "s3:DeleteStorageLensConfigurationTagging",
			     "s3:PutStorageLensConfigurationTagging",
			     "s3:PutStorageLensConfiguration",
			     "s3:GetStorageLensConfigurationTagging",
			     "s3:GetStorageLensDashboard"
		     ],
		     "Resource": "*"
	     }
     ]
 }

Once you would have created the policy then you can assign this policy to that IAM user which would be used to access Storage Lens.

Hope you find this helpful.

Comment here if you have additional questions, happy to help.

Abhishek

profile pictureAWS
EXPERTO
secondabhi_aws
respondido hace 9 meses
profile pictureAWS
EXPERTO
iBehr
revisado hace 9 meses
profile picture
EXPERTO
Gary Mclean
revisado hace 9 meses
0

Thanks so much Abhishek. That was the missing piece. Hope they add that to the documentation to help new, non-technical users.

Outbound
respondido hace 9 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante