Create User to Use S3 API with Restricted Permissions

0

I use AWS S3 API to upload files to some buckets, however, I need to create a new user that only has permission to upload to certain buckets and only through restricted IPs, other IPs should be blocked. Another permission I need is to delete objects, but only from an allowed IP.

Regarding the download, anyone on the internet can access this file (if they have the link).

The problem is that I think I found some articles that would help me with this issue, but they don't tell me exactly which menu within the AWS Console I should access to be able to perform these actions.

For example, this link (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) seems to talk about how to restrict the access to a bucket, but it doesn't tell me exactly which location/menu in the console I use to access this setting.

TLDR: What is the path/menu in the Console to set Policies and Permissions in Amazon S3 on a bucket in S3?

asked 2 years ago1024 views
1 Answer
1
Accepted Answer

Access to S3 buckets and their objects is determined, with some simplification, by the S3 bucket policy and the IAM permissions assigned to the user accessing them.

You can find the S3 bucket policy it in the permissions tab of your bucket; the deep link for editing the bucket policy is something like: https://s3.console.aws.amazon.com/s3/bucket/<your-bucket-name>/property/policy/edit?region=<your-region>

For creating a user and assigning permissions, you should use IAM https://your-region.console.aws.amazon.com/iamv2/home Users have their own IAM policies and you should grant explicit access to those actions on the buckets you're referring to.

profile pictureAWS
EXPERT
Tasio
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions