How to grant access only one S3 Bucket to AWS IAM User

aws

This tutorial we are going to perform steps for how to restrict an AWS IAM user’s access to a single S3 bucket.

S3 becomes actual standard for publishing files in the internet. When we work with the team, we might want to restrict an access of single S3 bucket to specific users. You can do it in IAM as follows.

Create a policy for AWS bucket

Go to Services >> IAM >> Policies >> Create Policy >>  JSON >>

Inset below policy here.

{

“Version”: “2012-10-17”,

“Statement”: [

{

“Effect”: “Allow”,

“Action”: [

“s3:GetBucketLocation”,

“s3:ListAllMyBuckets”

],

“Resource”: “arn:aws:s3:::*”

},

{

“Effect”: “Allow”,

“Action”: “s3:*”,

“Resource”: [

“arn:aws:s3:::YOUR-BUCKET-NAME”,

“arn:aws:s3:::YOUR-BUCKET-NAME/*”

]

}

]

}

PS: Please change YOUR-BUCKET-NAME with your S3 Bucket name.

Now click on ‘Review Policy’

Here it asks for policy name and description. After insert detailed click on ‘Create Policy’ button.

Now AWS created a new policy for only single S3-bucket access which named you to insert in policy.



Attach Policy to User and Group

Now attach this policy which user or group, you want to access only that bucket which mentioned you in policy and restricts remain bucket access.

For Now I am creating a New user and attach policy to that user.

Go To: Users >> Add user

After click on add new user enter your user name, Select Access type Programmatic Access and click on Next:Permissions button .

After that you will redirected to new page than select Attach existing policies directly.

In search bar enter your policy name that we have just created few mins ago, Select policy and click on Next:Tags Button.

than Next:Review Button and Create user.

NOTE: These credentials are visible and available to download as .csv file only once. So it’s better to save them in your system.

Now configure these credentials in your system to access bucket.

All! Done

AmritMatti

I’m the owner of “DevOpsTechy.online” and been in the industry for almost 5 years. What I’ve noticed particularly about the industry is that it reacts slowly to the rapidly changing world of technology. I’ve done my best to introduce new technology into the community with the hopes that more technology can be utilized to serve our customers. I’m going to educate and at times demonstrate that technology can help businesses innovate and thrive. Throwing in a little bit of fun and entertainment couldn’t hurt right?

AmritMatti

I’m the owner of “DevOpsTechy.online” and been in the industry for almost 5 years. What I’ve noticed particularly about the industry is that it reacts slowly to the rapidly changing world of technology. I’ve done my best to introduce new technology into the community with the hopes that more technology can be utilized to serve our customers. I’m going to educate and at times demonstrate that technology can help businesses innovate and thrive. Throwing in a little bit of fun and entertainment couldn’t hurt right?

View all posts by AmritMatti →

Leave a Reply

Your email address will not be published. Required fields are marked *