Create an AWS Passkey That Only Permits s3

Question

Create an AWS Passkey That Only Permits s3

I want to create an AWS passkey that only allows s3. This means that the key cannot be used with any other service. Is it possible? How?

+4

amazon-s3 amazon-web-services amazon-iam

Phương Nguyễn Apr 16 '14 at 10:09

source share

2 answers

, IAM aws :

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1397557252000",
      "Effect": "Allow",
      "Action": [
        "s3:*"
      ],
      "Resource": [
        "arn:aws:s3:::*"
      ]
    }
  ]
}

+5

E.J. Brennan 16 . '14 11:50

Ratan Sharma · Accepted Answer · 2014-04-16T11:37:11+0000

Is it possible

Yes. You can use AWS Identity and Access Management (IAM)

Ideally, you should never give administrator / master credentials for anything other than creating different IAMs.

Therefore, create different users with the necessary securities and create access keys for them and use them.

AS

AWS Console IAM

 {
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["s3:ListAllMyBuckets"],
      "Resource": "arn:aws:s3:::*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetBucketLocation"
      ],
      "Resource": "arn:aws:s3:::bucket-name"
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:PutObject",
        "s3:GetObject",
        "s3:DeleteObject"
      ],
      "Resource": "arn:aws:s3:::bucket-name/*"
    }
  ]
}

S3Browser, , this

Create an AWS Passkey That Only Permits s3

More articles: