Storage Lens Permission How to
Hi everyone,
Per the help doc, I've setup an IAM user with the purpose of assigning them Storage Lens permissions. https://github.com/awsdocs/amazon-s3-developer-guide/blob/master/doc_source/storage_lens_iam_permissions.md#storage_lens_iam_permissions_account
However in the console, I can't see any of the permissions mentioned. I only see policies.
So are their policies that cover the permissions listed in the article, or do I need to add permissions from somewhere else?
Your help is much appreciated.
- 新しい順
- 投票が多い順
- コメントが多い順
Hi,
You'd need to create an IAM policy first with the permissions listed in the mentioned document
- Go to IAM Policy console
- Click Create policy
- Click JSON tab at top right OR you can do through Visual as well by selecting those actions one by one
- Add those actions which are mentioned in the doc, to Action part of the policy
- Click Next
- Give this policy a name
Here is how JSON document would look like for the policy if I include all the actions as listed under section Setting account permissions to use S3 Storage Lens in the above mentioned document. You can add/remove actions based on your requirement and add resource arn instead of '*':
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:ListStorageLensConfigurations",
"s3:GetStorageLensConfiguration",
"s3:DeleteStorageLensConfigurationTagging",
"s3:PutStorageLensConfigurationTagging",
"s3:PutStorageLensConfiguration",
"s3:GetStorageLensConfigurationTagging",
"s3:GetStorageLensDashboard"
],
"Resource": "*"
}
]
}
Once you would have created the policy then you can assign this policy to that IAM user which would be used to access Storage Lens.
Hope you find this helpful.
Comment here if you have additional questions, happy to help.
Abhishek
Thanks so much Abhishek. That was the missing piece. Hope they add that to the documentation to help new, non-technical users.
関連するコンテンツ
AWS公式更新しました 2年前
I'm glad it worked for you.