USE CASE EXAMPLE:
- We have to provide a single bucket access to a user.
- Need a S3 bucket for your application.
What WE'LL BE DOING:
- Create a S3 bucket, We can also used existing one if we have.
- Create a Single IAM user Bucket policy.
- Create a IAM user
- Attached the permission to the user that we have created in step 3.
STEP 1: CREATE A S3 BUCKET
- Go to the S3 bucket console.
- Click on Create bucket option.
- Type the name of the bucket and click on create bucket option.
STEP 2 : CREATE A IAM USER POLICY
- Go to IAM console
- Click on Policies and then click on Create Policy.
- Select JSON option and paste the below json script.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:ListAllMyBuckets"
],
"Resource": "arn:aws:s3:::*"
},
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::YOUR-BUCKET-NAME",
"arn:aws:s3:::YOUR-BUCKET-NAME/*"
]
},
{
"Effect": "Deny",
"Action": "s3:DeleteBucket",
"Resource": [
"arn:aws:s3:::YOUR-BUCKET-NAME",
"arn:aws:s3:::YOUR-BUCKET-NAME/*"
]
}
]
}- Next type the policy name and click on create policy.
Note: Change the highlighted bucket name with your bucket name.
Step 3: Create an IAM User
- Click on Users.
- Click on Add User.
- Type the User Name.
- Select the AWS access type Programmatic access or Console or Both.
- Click on Attach existing policies.
search for policies that we have created earlier and select. - Click on Create user.
By using the above tutorial we have created a IAM user and provide a access of single bucket only.