S3 桶策略仅自己可见

S3 Bucket Policy
Storage
发布日期:   2023-09-21
更新日期:   2024-04-01
文章字数:   92
阅读时长:   1 分
阅读次数:  

S3 桶策略仅自己可见,用allow放行自己,然后deny其他人,等于双重保险。

分析过程:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowSpecificUser",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::ACCOUNT-ID:user/username"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::YOUR-BUCKET-NAME",
                "arn:aws:s3:::YOUR-BUCKET-NAME/*"
            ]
        },
        {
            "Sid": "ExplicitDenyAllOthers",
            "Effect": "Deny",
            "NotPrincipal": {
                "AWS": "arn:aws:iam::ACCOUNT-ID:user/username"
            },
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::YOUR-BUCKET-NAME",
                "arn:aws:s3:::YOUR-BUCKET-NAME/*"
            ]
        }
    ]
}
文章作者: AWS Learner
文章链接: https://awser.netlify.app
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源 AWS Learner !
S3 Bucket Policy
评论
  目录