Amazon S3 Operations: Difference between revisions
Jump to navigation
Jump to search
(Created page with "=Internal= * Amazon S3") |
No edit summary |
||
Line 2: | Line 2: | ||
* [[Amazon S3#Concepts|Amazon S3]] | * [[Amazon S3#Concepts|Amazon S3]] | ||
=Grant an IAM Role Permissions on a Bucket= | |||
To grant an AWS account permissions on a bucket, edit the [[bucket policy]] and add a statement similar to the following to the list of existing statements: | |||
<syntaxhighlight lang='json'> | |||
{ | |||
"Version": "2012-10-17", | |||
"Statement": [ | |||
... | |||
{ | |||
"Sid": "PlaygroundCodeBuildAccessToPrivateMavenRepository", | |||
"Effect": "Allow", | |||
"Principal": { | |||
"AWS": "arn:aws:iam:: 673499572719:root" | |||
}, | |||
"Action": [ | |||
"s3:AbortMultipartUpload", | |||
"s3:ListBucketMultipartUploads", | |||
"s3:GetBucketLocation", | |||
"s3:ListBucket", | |||
"s3:PutObject", | |||
"s3:GetObject" | |||
], | |||
"Resource": [ | |||
"arn:aws:s3:::example-private-maven/*", | |||
"arn:aws:s3:::example-private-maven" | |||
] | |||
} | |||
] | |||
} | |||
</syntaxhighlight> | |||
where "example-private-maven" is the name of the bucket hosting the repository in question, and arn:aws:iam::673499572719:root stands for the AWS account. <font color=darkgray>More details here.</font> |
Revision as of 04:16, 13 February 2019
Internal
Grant an IAM Role Permissions on a Bucket
To grant an AWS account permissions on a bucket, edit the bucket policy and add a statement similar to the following to the list of existing statements:
{
"Version": "2012-10-17",
"Statement": [
...
{
"Sid": "PlaygroundCodeBuildAccessToPrivateMavenRepository",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam:: 673499572719:root"
},
"Action": [
"s3:AbortMultipartUpload",
"s3:ListBucketMultipartUploads",
"s3:GetBucketLocation",
"s3:ListBucket",
"s3:PutObject",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::example-private-maven/*",
"arn:aws:s3:::example-private-maven"
]
}
]
}
where "example-private-maven" is the name of the bucket hosting the repository in question, and arn:aws:iam::673499572719:root stands for the AWS account. More details here.