Articles → AWS → Folder-Wise Access In The AWS S3 Bucket

Folder-Wise Access In The AWS S3 Bucket

In this article, we will provide folder-wise access to the AWS S3 bucket.

Scenario

Consider a scenario, where we have 2 folders inside the S3 bucket.

Picture showing 2 folders inside the S3 bucket

We require to allow users to see the contents of folder1 but not of folder2.

Create A User

For this article, we will create a user test.

Picture showing the test user created in AWS console

Create A Policy

The next step is to create a policy with the following JSON.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "sid1",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::*"
            ]
        },
        {
            "Sid": "sid2",
            "Action": [
                "s3:ListBucket"
            ],
            "Effect": "Deny",
            "Resource": [
                "arn:aws:s3:::*"
            ],
            "Condition": {
                "StringEquals": {
                    "s3:prefix": [
                        "folder2/"
                    ]
                }
            }
        }
    ]
}

Finally, attach the policy with the user.

Output

Picture showing the user is able to access folder1

Picture showing the error message when user is trying to access folder2

Posted By -	Karan Gupta

Posted On -	Monday, June 6, 2022

Query/Feedback

Your Email Id		**

Subject		*

Query/Feedback	Characters remaining 250	**