1 個回答
- 最新
- 最多得票
- 最多評論
0
I would use S3 Access Points to achieve this. You can read the full documentation here: https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html
Each access point has distinct permissions and network controls that S3 applies for any request that is made through that access point. Each access point enforces a customized access point policy that works in conjunction with the bucket policy that is attached to the underlying bucket.
An example of an access point policy to grant access to a Prefix (folder) is here:/
{ "Version": "2012-10-17", "Statement": [ { "Sid": "Statement1", "Principal": { "AWS": "arn:aws:iam::123456789012:root" }, "Effect": "Allow", "Action": [ "s3:*" ], "Resource": [ "arn:aws:s3:us-west-2:123456789012:accesspoint/tester" ], "Condition": { "StringEquals": { "s3:prefix": [ "asdf" ] } } } ] }
已回答 2 年前
相關內容
- 已提問 6 個月前
- AWS 官方已更新 2 年前