- Le plus récent
- Le plus de votes
- La plupart des commentaires
Yes, you can create an IAM policy that allows the user to delete files and folders under the three specific directories, but denies the user from deleting the three main folders. Here's an example policy that you can modify to fit your specific requirements:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowDeletingUnderSpecificDirectories", "Effect": "Allow", "Action": [ "s3:DeleteObject", "s3:DeleteObjectVersion", "s3:DeleteObjectTagging" ], "Resource": [ "arn:aws:s3:::<your-bucket>/Public/", "arn:aws:s3:::<your-bucket>/Archive/", "arn:aws:s3:::<your-bucket>/Error/" ] }, { "Sid": "DenyDeletingMainFolders", "Effect": "Deny", "Action": [ "s3:DeleteBucket", "s3:DeleteBucketPolicy", "s3:DeleteBucketWebsite", "s3:DeleteBucketTagging", "s3:DeleteBucketAnalyticsConfiguration", "s3:DeleteBucketEncryption", "s3:DeleteBucketInventoryConfiguration", "s3:DeleteBucketLifecycle", "s3:DeleteBucketMetricsConfiguration", "s3:DeleteBucketReplication", "s3:DeleteBucketPublicAccessBlock", "s3:DeleteAccessPoint", "s3:DeleteJobTagging" ], "Resource": [ "arn:aws:s3:::<your-bucket>", "arn:aws:s3:::<your-bucket>/" ], "Condition": { "StringEquals": { "s3:prefix": [ "Public/", "Archive/", "Error/" ] } } } ] }
Contenus pertinents
- demandé il y a 3 mois
- demandé il y a un an
- demandé il y a 9 mois
- demandé il y a 6 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 3 ans