Last updated:2021-04-28 11:04:11
ACL | Bucket policy | User policy | |
---|---|---|---|
Policy type | Resource-based policy | Resource-based policy | User-based policy |
Resource operation | Only basic read/write operations are supported. | Many operations are supported, except service operations such as bucket list query. | Most operations are supported, including service operations such as bucket list query. |
Authorize other accounts | Supported | Supported | Not supported. You can create a role and select a trusted account for cross-account authorization. |
Authorize IAM users | Not supported | Supported | Supported |
Authorize roles | Not supported | Supported | Supported |
You want to grant resource-specific permissions to other accounts for cross-account access.
You want to grant resource-specific permissions to IAM users who do not need to log in to the console.
You want to grant resource-specific permissions to IAM users who need to log in to the console.
You want to assign specific roles to IAM users to grant them temporary permissions.
Did you find the above information helpful?
Please give us your feedback.
Thank you for your feedback.