You can either use Object policy or AWS Identity and Access Management (IAM) Policies: You can create an IAM policy that restricts the file types for uploading. Configure the policy to the IAM user or group that need restricted access. i.e this allows only PDF files
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowSpecificFileTypes", "Effect": "Deny", "Action": [ "s3:PutObject", "s3:PutObjectAcl" ], "Resource": "arn:aws:s3:::your-bucket-name/*", "Condition": { "StringNotEquals": { "s3:x-amz-meta-file-type": [ "application/pdf" ] } } } ] }
Try out this and let me us know
What if an object name is not <name>.extension
but just name
e.g. example
? Is this policy just useless then? If yes, how to make this policy "stronger"?
Thank you for your comment. We'll review and update the Knowledge Center article as needed.
相關內容
- 已提問 1 年前
- AWS 官方已更新 3 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 10 個月前
- AWS 官方已更新 2 年前