Allow IAM users to access a specific bucket

Last updated:2021-04-28 11:04:15

You can allow IAM users to access the example_bucket bucket so that they can add, update, and delete objects.
In addition to the ks3:PutObject, ks3:GetObject, and ks3:DeleteObject operation permissions, the following policy also grants other operation permissions required for the console, including the ks3:ListBuckets, ks3:GetBucketLocation, ks3:GetBucketAcl, and ks3:ListBucket operation permissions.

{
    "Statement":[
    {
       "Effect":"Allow",
       "Action":[
          "ks3:ListBuckets"
       ],
       "Resource":"krn:ksc:ks3:::*"
    },
    {
       "Effect":"Allow",
       "Action":[
          "ks3:ListBucket",
          "ks3:GetBucketLocation"
        ],
"Resource":"krn:ksc:ks3:::example_bucket"},
    {
       "Effect":"Allow",
       "Action":[
          "ks3:PutObject",
          "ks3:GetObject",
          "ks3:DeleteObject"
        ],
"Resource":"krn:ksc:ks3:::example_bucket/*"
    }
    ]
}

Did you find the above information helpful?

Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful

What might be the problems?

Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions

0/200

Please give us your feedback.

Submitted

Thank you for your feedback.

问题反馈