IAM Policy to list specific folders inside an S3 bucket for a user

谎友^ 2021-01-22 07:01

I have the below keys under the bucket demo.for.customers

demo.for.customers/customer1/
demo.for.customers/customer2/

Now I have

1 answer
  •  梦毁少年i
    2021-01-22 07:18

    Regarding your problems:

    1. Unfortunately there is no way to list only certain buckets. If the intent is just to allow access to the one known bucket, I would remove the first statement entirely as it does not add any value (the bucket is already known and would not need to be listed).
    2. Can you show the code you are using to list the bucket contents? Based on what you've shown here I would expect customer1 to only be able to list the bucket contents at the root of their prefix and nowhere else.

    Regarding your questions:

    1. Yes, there is no way to list certain buckets. The list buckets API is an all or nothing operation.
    2. This is done by prefix. What language are you using? We have a sample for the AWS Mobile SDKs that uses a Token Vending Machine to deliver per user access to an S3 bucket.

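The answer's "this is done by prefix" written out as an added example, not part of the original thread: a per-customer `s3:ListBucket` statement conditioned on `s3:prefix`, checked against constructed list requests. The function names and the local matcher are hypothetical and only model `StringLike` matching; they are not AWS's policy evaluator.

```python
import re

BUCKET = "demo.for.customers"  # bucket name taken from the question

def list_policy_for(customer: str, bucket: str = BUCKET) -> dict:
    """Build an identity policy that lets one customer list only their own prefix."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ListOwnPrefixOnly",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            # ListBucket is authorized on the bucket ARN, not on object ARNs.
            "Resource": f"arn:aws:s3:::{bucket}",
            # s3:prefix is the prefix parameter the caller sends with the list request.
            "Condition": {"StringLike": {"s3:prefix": [f"{customer}/*"]}},
        }],
    }

def string_like(pattern: str, value: str) -> bool:
    """IAM StringLike: case-sensitive, '*' matches any run of characters, '?' matches one."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, value, flags=re.DOTALL) is not None

def list_allowed(policy: dict, bucket: str, prefix: str) -> bool:
    """Simplified local model: single-action Allow statements only, no explicit Deny."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow" or stmt["Action"] != "s3:ListBucket":
            continue
        if stmt["Resource"] != f"arn:aws:s3:::{bucket}":
            continue
        if "Condition" not in stmt:
            return True  # unconditioned statement: the whole bucket is listable
        patterns = stmt["Condition"].get("StringLike", {}).get("s3:prefix", [])
        if any(string_like(p, prefix) for p in patterns):
            return True
    return False  # nothing matched: implicit deny

if __name__ == "__main__":
    policy = list_policy_for("customer1")
    # Constructed list requests: own prefix, nested prefix, bucket root, other tenants.
    for prefix in ["customer1/", "customer1/reports/", "", "customer2/", "customer10/"]:
        print(f"{prefix!r:22} allowed={list_allowed(policy, BUCKET, prefix)}")
```

The trailing slash in the pattern is what keeps `customer1` from listing `customer10/`, and a list request with no prefix (the bucket root) is denied.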