Articles → AWS → Folder-Wise Access In The AWS S3 Bucket

Folder-Wise Access In The AWS S3 Bucket

In this article, we will provide folder-wise access to the AWS S3 bucket.

Scenario

Consider a scenario, where we have 2 folders inside the S3 bucket.

Picture showing 2 folders inside the S3 bucket

Click to Enlarge

We require to allow users to see the contents of folder1 but not of folder2.

Create A User

For this article, we will create a user test.

Picture showing the test user created in AWS console

Click to Enlarge

Create A Policy

The next step is to create a policy with the following JSON.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "sid1",
            "Action": [
                "s3:ListAllMyBuckets",
                "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": [
                "arn:aws:s3:::*"
            ]
        },
        {
            "Sid": "sid2",
            "Action": [
                "s3:ListBucket"
            ],
            "Effect": "Deny",
            "Resource": [
                "arn:aws:s3:::*"
            ],
            "Condition": {
                "StringEquals": {
                    "s3:prefix": [
                        "folder2/"
                    ]
                }
            }
        }
    ]
}

Finally, attach the policy with the user.

Output

Picture showing the user is able to access folder1

Click to Enlarge

Picture showing the error message when user is trying to access folder2

Click to Enlarge

Posted By -	Karan Gupta

Posted On -	Monday, June 6, 2022

Query/Feedback

Your Email Id		**

Subject		*

Query/Feedback	Characters remaining 250	**