I have created an S3 bucket "abc" and added a couple of folders, "Yogesh" and "xyz".
I have created an IAM user and added my own policy as below. The user should see all buckets and only the xyz folder.
Is it possible?
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowUsersToSeeBucketList",
      "Action": [
        "s3:ListAllMyBuckets",
        "s3:GetBucketLocation"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::*"
      ]
    },
    {
      "Sid": "AllowListingofSpecificFolder",
      "Action": [
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": [
        "arn:aws:s3:::xyz"
      ],
      "Condition": {
        "StringLike": {
          "s3:prefix": [
            "abc/"
          ]
        }
      }
    },
    {
      "Sid": "AllowAllActions",
      "Effect": "Allow",
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::xyz-abc/*"
      ]
    }
  ]
}
But if I try this policy, the user can see buckets but not objects, with the error: Insufficient permissions to list objects
After you or your AWS administrator has updated your permissions to allow the s3:ListBucket action, refresh the page. Learn more about Identity and access management in Amazon S3
For example, you can open it from the management console by specifying the folder with the URL as shown below. Therefore, when operating from the management console, it is not possible to display only specific folders. If you are operating from the management console, you will need to specify the folder using the URL to access it.
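An added example, not part of the original posts: a simplified Python model of how the s3:ListBucket statement is matched, run against the statement as posted and against a constructed variant that puts the bucket (abc) and folder (xyz) where the question's first sentence places them. The evaluator and all helper names are assumptions; it models only Allow statements with StringLike conditions.

```python
from fnmatch import fnmatchcase

def _as_list(value):
    return value if isinstance(value, list) else [value]

def allows(policy, action, resource, context):
    """True if any Allow statement matches the action, the resource ARN and
    every StringLike condition. Simplified: no Deny, no other operators."""
    for st in policy["Statement"]:
        if st["Effect"] != "Allow":
            continue
        # IAM action names are case-insensitive; * and ? are wildcards
        if not any(fnmatchcase(action.lower(), a.lower()) for a in _as_list(st["Action"])):
            continue
        if not any(fnmatchcase(resource, r) for r in _as_list(st["Resource"])):
            continue
        conds = st.get("Condition", {}).get("StringLike", {})
        # a condition key absent from the request does not satisfy StringLike
        if all(k in context and any(fnmatchcase(context[k], p) for p in _as_list(pats))
               for k, pats in conds.items()):
            return True
    return False

def list_stmt(bucket, prefixes):
    """Build a ListBucket statement scoped to one bucket and prefix patterns."""
    return {"Effect": "Allow", "Action": ["s3:ListBucket"],
            "Resource": [f"arn:aws:s3:::{bucket}"],
            "Condition": {"StringLike": {"s3:prefix": prefixes}}}

# As posted: the Resource names "xyz" as the bucket and "abc/" as the prefix
POSTED = {"Statement": [list_stmt("xyz", ["abc/"])]}
# Constructed variant (assumption): bucket "abc", prefix patterns under "xyz/"
SWAPPED = {"Statement": [list_stmt("abc", ["xyz/*"])]}

def can_list(policy, bucket, prefix):
    """Model a ListBucket call on `bucket` with the given prefix parameter."""
    return allows(policy, "s3:ListBucket", f"arn:aws:s3:::{bucket}",
                  {"s3:prefix": prefix})

if __name__ == "__main__":
    for name, pol in (("posted", POSTED), ("swapped", SWAPPED)):
        for prefix in ("", "xyz/", "Yogesh/"):
            print(name, repr(prefix), can_list(pol, "abc", prefix))
```

In this model the variant still refuses a listing of the bucket root (empty prefix), which is the situation the reply describes: the folder has to be addressed directly by its prefix.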