amazon-policy

Correct S3 Policy For Pre-Signed URLs

我的梦境 提交于 2019-12-09 17:29:43
问题 I need to issue pre-signed URLs for allowing users to GET and PUT files into a specific S3 bucket. I created an IAM user and use its keys to create the pre-signed URLs, and added a custom policy embedded in that user (see below). When I use the generated URL, I get an AccessDenied error with my policy. If I add the FullS3Access policy to the IAM user, the file can be GET or PUT with the same URL, so obviously, my custom policy is lacking. What is wrong with it? Here's the custom policy I am

Allow lambda to access particular s3 bucket in serverless config

时光总嘲笑我的痴心妄想 提交于 2019-12-04 11:43:24
How can I allow specific lambda to access to a particular s3 bucket in the serverless.yml? For example, I am porting file upload functionality to lambda by using serverless. To upload a file to a particular s3 bucket, I need to allow lambda to access to that s3 bucket. How can I do this in the serverless.yml? From Serverless Framework - AWS Lambda Guide - IAM : To add specific rights to this service-wide Role, define statements in provider.iamRoleStatements which will be merged into the generated policy. service: new-service provider: name: aws iamRoleStatements: - Effect: "Allow" Action: -