Amazon S3 Operations: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 3: | Line 3: | ||
* [[Amazon S3#Concepts|Amazon S3]] | * [[Amazon S3#Concepts|Amazon S3]] | ||
=Grant an AWS Account | =Command Line Operations= | ||
{{Internal|Amazon S3 Command Line Operations|Command Line Operations}} | |||
=Grant an AWS Account Permissions on a Bucket= | |||
To grant an AWS account permissions on a bucket, edit the [[Amazon_S3_Concepts#Bucket_Policy|bucket policy]] and add a statement similar to the following to the list of existing statements: | To grant an AWS account permissions on a bucket, edit the [[Amazon_S3_Concepts#Bucket_Policy|bucket policy]] and add a statement similar to the following to the list of existing statements: | ||
| Line 19: | Line 23: | ||
}, | }, | ||
"Action": [ | "Action": [ | ||
"s3:ListBucket", | |||
"s3:ListBucketMultipartUploads", | |||
"s3:AbortMultipartUpload", | "s3:AbortMultipartUpload", | ||
"s3:GetBucketLocation", | "s3:GetBucketLocation", | ||
"s3: | "s3:GetObject", | ||
"s3: | "s3:GetObjectVersion", | ||
"s3: | "s3:PutObject" | ||
], | ], | ||
"Resource": [ | "Resource": [ | ||
| Line 37: | Line 42: | ||
where "example-private-maven" is the name of the bucket hosting the repository in question, and arn:aws:iam::673499572719:root stands for the AWS account. <font color=darkgray>More details here.</font> | where "example-private-maven" is the name of the bucket hosting the repository in question, and arn:aws:iam::673499572719:root stands for the AWS account. <font color=darkgray>More details here.</font> | ||
=a= | =Create an S3 Bucket With CloudFormation= | ||
==AWS::S3::Bucket== | |||
{{External|[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html AWS::S3::Bucket]}} | |||
Resources: | |||
TestBucket: | |||
Type: AWS::S3::Bucket | |||
Properties: | |||
BucketName: !Sub '${AWS::StackName}-test-bucket' | |||
AccessControl: BucketOwnerFullControl | |||
'''Naming''' If no "BucketName" property is specified, the bucket will be named based on the pattern <''stack-name''>-<''resource-name-all-lowercases''>-2a3et4c9f3bas. A custom name can be set with "BucketName". | |||
=Upload a File to an S3 Bucket via a CloudFormation Stack that Creates the Bucket= | |||
= | <font color=darkgray>TODO: https://serverfault.com/a/845336</font> | ||
Latest revision as of 00:54, 8 April 2019
Internal
Command Line Operations
Grant an AWS Account Permissions on a Bucket
To grant an AWS account permissions on a bucket, edit the bucket policy and add a statement similar to the following to the list of existing statements:
{
"Version": "2012-10-17",
"Statement": [
...
{
"Sid": "PlaygroundCodeBuildAccessToPrivateMavenRepository",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::673499572719:root"
},
"Action": [
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:AbortMultipartUpload",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:GetObjectVersion",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::example-private-maven/*",
"arn:aws:s3:::example-private-maven"
]
}
]
}
where "example-private-maven" is the name of the bucket hosting the repository in question, and arn:aws:iam::673499572719:root stands for the AWS account. More details here.
Create an S3 Bucket With CloudFormation
AWS::S3::Bucket
Resources:
TestBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub '${AWS::StackName}-test-bucket'
AccessControl: BucketOwnerFullControl
Naming If no "BucketName" property is specified, the bucket will be named based on the pattern <stack-name>-<resource-name-all-lowercases>-2a3et4c9f3bas. A custom name can be set with "BucketName".