S3 prefix-selective cross-account permissions

0

Hi Experts I need to create selective permissions set on a single S3 bucket for different AWS accounts (either role or user) on a per prefix. example for the structure in the S3 bucket: my_s3_bucket/account1 my_s3_bucket/account2

I want to enable account1\2 programmatic access to put\get\delete objects on their corresponding prefixes without seeing\listing any other account`s prefix Is this a support pattern? If yes - how should it be implemented.

Thanks

1 Answer
0

Hi BoazG,

check out this blog from aws in wich it is configured with iam-users. But it should be the same procedure with external accounts.

Also you should configure it as a bucket resource policy.

https://aws.amazon.com/de/premiumsupport/knowledge-center/iam-s3-user-specific-folder/

profile picture
HeikoMR
answered 10 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions