Permit User ARN to read/write Specific Folder in S3 Bucket

Jan 21, 2022

{{ }} Substitute variables

Adjust the variable values according to your preference.

Policy Code

{
  "Version": "2012-10-17",
  "Id": "Permit user ARN to read, write, delete in specific folder",
  "Statement": [
    {
      "Sid": "Permit reading bucket list at this path",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::{{user-arn}}:user/{{user-name}}"
      },
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::{{bucket-name-goes-here}}",
      "Condition": {
        "StringLike": {
          "s3:prefix": "{{folder-name-goes-here}}/*"
        }
      }
    },
    {
      "Sid": "Permit read, delete, and write files in specific folder only",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::{{user-arn}}:user/{{user-name}}"
      },
      "Resource": "arn:aws:s3:::{{bucket-name-goes-here}}/{{folder-name-goes-here}}/*",
      "Action": [
        "s3:GetObject",
        "s3:DeleteObject",
        "s3:PutObject"
      ]
    }
  ]
}
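
The following is an added example, not part of the original policy page: a simplified Python model of how the policy's two Allow statements match requests, useful for checking the scope before attaching it. The account ID, user, bucket and folder values are constructed placeholders, and the model covers only this bucket policy's Allow statements (no identity policies, explicit denies, or other AWS evaluation rules).

```python
import re

# Constructed sample values for the page's placeholders (assumptions).
ACCOUNT, USER, BUCKET, FOLDER = "111122223333", "alice", "example-bucket", "reports"
USER_ARN = f"arn:aws:iam::{ACCOUNT}:user/{USER}"
BUCKET_ARN = f"arn:aws:s3:::{BUCKET}"

# The page's two statements with the placeholders filled in.
POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"AWS": USER_ARN},
     "Action": "s3:ListBucket", "Resource": BUCKET_ARN,
     "Condition": {"StringLike": {"s3:prefix": f"{FOLDER}/*"}}},
    {"Effect": "Allow", "Principal": {"AWS": USER_ARN},
     "Action": ["s3:GetObject", "s3:DeleteObject", "s3:PutObject"],
     "Resource": f"{BUCKET_ARN}/{FOLDER}/*"},
]}

def like(pattern, value):
    """IAM-style wildcard match: '*' is any run of characters, '?' is exactly one."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, value, re.DOTALL) is not None

def allowed(principal, action, resource, context=None):
    """Simplified model: True if an Allow statement in POLICY matches the request."""
    context = context or {}
    for st in POLICY["Statement"]:
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if st["Principal"]["AWS"] != principal or action not in actions:
            continue
        if not like(st["Resource"], resource):
            continue
        conds = st.get("Condition", {}).get("StringLike", {})
        # A condition key missing from the request does not satisfy StringLike.
        if all(k in context and like(p, context[k]) for k, p in conds.items()):
            return True
    return False  # nothing matched: this policy grants no access

def list_ok(prefix=None):
    """ListBucket by the named user, with or without a prefix parameter."""
    ctx = {} if prefix is None else {"s3:prefix": prefix}
    return allowed(USER_ARN, "s3:ListBucket", BUCKET_ARN, ctx)

if __name__ == "__main__":
    for p in (f"{FOLDER}/2022/", f"{FOLDER}/", FOLDER, f"{FOLDER}-private/", None):
        print("ListBucket prefix", repr(p), "->", list_ok(p))
    for act, key in (("s3:GetObject", f"{FOLDER}/q1.csv"), ("s3:PutObject", "other/q1.csv"),
                     ("s3:GetObjectAcl", f"{FOLDER}/q1.csv")):
        print(act, key, "->", allowed(USER_ARN, act, f"{BUCKET_ARN}/{key}"))
```

The trailing `/` before the `*` in both the prefix condition and the object resource is what keeps a sibling folder such as `reports-private/` out of scope; a listing request with no prefix, or with the folder name without the slash, is not matched by the first statement.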