• mark dagley
    0
    Hi, I am trying to implement the best practices when it comes to our backups and wanted to ensure that my AWS user only has access to the buckets they need to and has the minimum permissions.

    My user has the following policy linked to it but I get an access denied. Can anyone tell me what permissions I am missing?

    Policy
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Action": [
            "s3:ListBucket",
            "s3:GetBucketAcl",
            "s3:GetBucketVersioning",
            "s3:GetBucketRequestPayment",
            "s3:GetBucketLocation",
            "s3:GetBucketPolicy"
          ],
          "Resource": [
            "arn:aws:s3:::Bucket1",
            "arn:aws:s3:::Bucket2",
            "arn:aws:s3:::Bucket3"
          ],
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": [
            "s3:GetObject",
            "s3:DeleteObject",
            "s3:DeleteObjectVersion",
            "s3:GetObjectAcl",
            "s3:GetObjectVersion",
            "s3:GetObjectVersionAcl",
            "s3:PutObject",
            "s3:PutObjectAcl",
            "s3:PutObjectVersionAcl"
          ],
          "Resource": [
            "arn:aws:s3:::Bucket1/*",
            "arn:aws:s3:::Bucket2/*",
            "arn:aws:s3:::Bucket3/*"
          ],
          "Condition": {}
        },
        {
          "Effect": "Allow",
          "Action": "s3:ListAllMyBuckets",
          "Resource": "*",
          "Condition": {}
        }
      ]
    }
  • Alexander Negrash
    32
    If you are not using the Managed version you don't need sts and ses in the policy