1 Answer
AWS SSO allows you to define inline policies for permission sets (Doc link). My suggestion would be to use an inline policy on that user group's SSO permission set they get assigned leveraging the s3:ListBucket IAM action with the resource list being the buckets that you want to allow.
It's worth noting that you may need to be creative since there's a character limit (I think it's around 10k) which cannot be altered even by AWS.
answered 2 years ago
Thank you @carlo-mencarelli. However, unless I do not understand, the s3:ListBucket permission does not filter the list of buckets the user sees. Do you have a working configuration in which you have a, b, c buckets in accounts but aws s3 ls shows only c using s3:ListBucket?
Regards, Alon
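An added example, not code from the thread or from AWS: a small Python generator for the kind of inline policy the answer describes, with a size check for the character limit it mentions. The function names, the bucket names and the 10240 figure (standing in for the answer's "around 10k") are assumptions, and the prefix-wildcard fallback is only one possible reading of "be creative".

```python
import json

# Assumption: placeholder for the "around 10k" character limit mentioned in
# the answer; confirm the current quota before relying on this number.
ASSUMED_LIMIT = 10240

def build_inline_policy(buckets):
    """Return a policy dict allowing s3:ListBucket on the named buckets only."""
    if not buckets:
        raise ValueError("at least one bucket name or pattern is required")
    arns = sorted({f"arn:aws:s3:::{name}" for name in buckets})
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ListObjectsInAllowedBuckets",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": arns,
        }],
    }

def render(policy, limit=ASSUMED_LIMIT):
    """Serialize without whitespace and reject a document over the limit."""
    text = json.dumps(policy, separators=(",", ":"))
    if len(text) > limit:
        raise ValueError(f"policy is {len(text)} characters, limit is {limit}")
    return text

def collapse_by_prefix(buckets, prefix_len):
    """Replace names that share their first prefix_len characters with one
    wildcard pattern. This shortens the policy but also matches any other
    bucket with that prefix, so review the patterns before using them."""
    groups = {}
    for name in set(buckets):
        groups.setdefault(name[:prefix_len], []).append(name)
    return sorted(
        names[0] if len(names) == 1 else prefix + "*"
        for prefix, names in groups.items()
    )

if __name__ == "__main__":
    # Constructed sample input: 1000 hypothetical bucket names plus one other.
    names = [f"team-data-{i:04d}" for i in range(1000)] + ["logs"]
    try:
        render(build_inline_policy(names))
    except ValueError as err:
        print("full list rejected:", err)
    print(render(build_inline_policy(collapse_by_prefix(names, 10))))
```

`s3:ListBucket` authorizes listing the objects inside a named bucket; listing the buckets of an account is authorized by a separate action, `s3:ListAllMyBuckets`, which this example does not grant.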