By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS S3 access control

0

How do I disable access or display of a directory (folder) for a specified IAM user?

Topics
Management & Governance
Tags
AWS Account Management
Language
English
shengxian_huang
asked 2 years ago250 views
1 Answer
0

I would use S3 Access Points to achieve this. You can read the full documentation here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html

Each access point has distinct permissions and network controls that S3 applies for any request that is made through that access point. Each access point enforces a customized access point policy that works in conjunction with the bucket policy that is attached to the underlying bucket.

An example of an access point policy to grant access to a Prefix (folder) is here:/

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "Statement1",
			"Principal": {
				"AWS": "arn:aws:iam::123456789012:root"
			},
			"Effect": "Allow",
			"Action": [
				"s3:*"
			],
			"Resource": [
				"arn:aws:s3:us-west-2:123456789012:accesspoint/tester"
			],
			"Condition": {
				"StringEquals": {
					"s3:prefix": [
						"asdf"
					]
				}
			}
		}
	]
}
AWS
Marc Schuricht
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content