
AWS Policy to Restrict Access to One S3 Bucket

May 7, 2018

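For quick reference: the following policy limits an AWS IAM user to one specific bucket, 'BUCKET_NAME_HERE'. It needs two statements because s3:ListBucket is a bucket-level action and is granted on the bucket ARN itself, while the object actions (s3:PutObject, s3:GetObject, s3:DeleteObject) are granted on the objects inside it, the ARN ending in /*.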

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::BUCKET_NAME_HERE"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::BUCKET_NAME_HERE/*"
            ]
        }
    ]
}
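
A check for this policy shape before attaching it, as an added example that is not part of the original post: it flags resources outside the bucket, wildcard actions, and bucket-level or object-level actions paired with the wrong ARN form. The function name check_single_bucket_policy and the bucket name example-bucket are assumptions, and both sample policies are constructed.

```python
import json

# Bucket-level vs object-level actions used by the policy on this page.
BUCKET_ACTIONS = {"s3:ListBucket"}
OBJECT_ACTIONS = {"s3:PutObject", "s3:GetObject", "s3:DeleteObject"}

def as_list(value):
    """IAM accepts a single value or a list for Statement, Action and Resource."""
    return value if isinstance(value, list) else [value]

def check_single_bucket_policy(policy_json, bucket):
    """Return a list of findings; an empty list means the policy is scoped to `bucket`."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    object_prefix = bucket_arn + "/"
    findings = []
    statements = as_list(json.loads(policy_json)["Statement"])
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: NotAction/NotResource widens an Allow")
            continue
        actions = as_list(stmt.get("Action", []))
        resources = as_list(stmt.get("Resource", []))
        for res in resources:
            if res != bucket_arn and not res.startswith(object_prefix):
                findings.append(f"statement {i}: resource {res} is outside {bucket}")
        for act in actions:
            if "*" in act:
                findings.append(f"statement {i}: wildcard action {act}")
            elif act in BUCKET_ACTIONS and bucket_arn not in resources:
                findings.append(f"statement {i}: {act} needs the bucket ARN, without /*")
            elif act in OBJECT_ACTIONS and not any(r.startswith(object_prefix) for r in resources):
                findings.append(f"statement {i}: {act} needs an object ARN under {bucket}/")
    return findings

# Constructed samples: the page's policy shape, and a common broken variant.
GOOD = '''{"Version":"2012-10-17","Statement":[
 {"Effect":"Allow","Action":["s3:ListBucket"],"Resource":["arn:aws:s3:::example-bucket"]},
 {"Effect":"Allow","Action":["s3:PutObject","s3:GetObject","s3:DeleteObject"],
  "Resource":["arn:aws:s3:::example-bucket/*"]}]}'''
BAD = '''{"Version":"2012-10-17","Statement":[
 {"Effect":"Allow","Action":["s3:ListBucket","s3:GetObject"],
  "Resource":["arn:aws:s3:::example-bucket/*","arn:aws:s3:::*"]}]}'''

if __name__ == "__main__":
    print(check_single_bucket_policy(GOOD, "example-bucket"))
    print(check_single_bucket_policy(BAD, "example-bucket"))
```

The check covers only the four actions used in the policy above; extend the two action sets if the policy grows.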