- Newest
- Most votes
- Most comments
When ACLs are disabled then use bucket policies to control access. Grant folder level access through s3 resource policy, follow this re:Post thread. But, based on what you described, it seems that you don't want to go this route.
But here in your case, I assume, you'd have already bucket ACL enabled and object ownership would be either Bucket owner or object writer. Granting objects through ACL, you'd need to add canonical id to each object in that folder.
If your bucket uses the bucket owner enforced setting for S3 Object Ownership, you must use policies to grant access to your bucket and the objects in it. With the bucket owner enforced setting enabled, requests to set access control lists (ACLs) or update ACLs fail and return the AccessControlListNotSupported error code. Requests to read ACLs are still supported. Refer Access control list overview
Once you add canonical id to object, that user should be able to access that object using the following command:
aws s3api get-object --bucket <bucket_name> --key <directory/file_name> --profile <cli_profile> outfile
Hope you find this information helpful.
Comment here if you have additional questions, happy to help.
Abhishek
Relevant content
AWS OFFICIALUpdated 8 months ago- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 8 months ago
Do you have additional questions, happy to help.