2 Risposte
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
1
Hi, in reviewing the JSON policy document that you provided, what you are seeing is expected.
The first Sid (Stmt1480515305000) allows the IAM user/role to list all of your buckets in the account and get their locations (e.g., AWS region). If you add the specific resource block that you use for the second Sid (Stmt1480515305002), you will restrict the bucket list to the one bucket that you want cyberduck to access. I've included my example below.
{
"Sid": "Stmt1480515305000",
"Effect": "Allow",
"Action": [
"s3:ListAllMyBuckets",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::allowed-bucket"
]
}
con risposta 2 anni fa
0
Hello . thank you for your answer . i wasn't able to apply what you said . lets suppose the bucket i want to list is called bucket1 . how would the code look for that bucket . thank you
con risposta 2 anni fa
Contenuto pertinente
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 2 anni fa