1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
I would use S3 Access Points to achieve this. You can read the full documentation here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
Each access point has distinct permissions and network controls that S3 applies for any request that is made through that access point. Each access point enforces a customized access point policy that works in conjunction with the bucket policy that is attached to the underlying bucket.
An example of an access point policy to grant access to a Prefix (folder) is here:/
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Statement1", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Effect": "Allow", "Action": [ "s3:*" ], "Resource": [ "arn:aws:s3:us-west-2:123456789012:accesspoint/tester" ], "Condition": { "StringEquals": { "s3:prefix": [ "asdf" ] } } } ] }
답변함 2년 전
관련 콘텐츠
- 질문됨 8달 전