AWS S3: Bucket Permissions for File/Folder Management

Here's a quick bucket policy that allows file/folder (object, in AWS S3 terms) operations when you're developing an API for file/folder management features using AWS S3 as file storage.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::your-arn-number:user/your-arn-user"
            },
            "Action": [
                "s3:ListBucket",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:GetObjectAcl",
                "s3:PutObjectAcl",
                "s3:PutObject"
            ],
            "Resource": [
                "arn:aws:s3:::your-bucket-name",
                "arn:aws:s3:::your-bucket-name/*"
            ]
        }
    ]
}

The configuration above allows any file/folder operation (list, create, delete, update, move) inside the AWS S3 bucket, and also enables Access Control List (ACL) operations, such as setting object visibility to private/public/etc., on specific AWS S3 objects.
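As an added example (not part of the original post), this Python script splits the policy above so that `s3:ListBucket` is paired only with the bucket ARN and the object actions only with the `/*` ARN, and reports ACL-write actions that can change object visibility. The function and constant names are hypothetical, and the bucket-level/object-level classification is an assumption that covers only the six actions listed on this page.

```python
import json

# Constructed copy of the page's policy, placeholders unchanged.
PAGE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::your-arn-number:user/your-arn-user"},
        "Action": ["s3:ListBucket", "s3:GetObject", "s3:DeleteObject",
                   "s3:GetObjectAcl", "s3:PutObjectAcl", "s3:PutObject"],
        "Resource": ["arn:aws:s3:::your-bucket-name",
                     "arn:aws:s3:::your-bucket-name/*"],
    }],
}

# Assumption: only the page's six actions are classified; wildcards are not handled.
BUCKET_LEVEL = {"s3:ListBucket"}   # evaluated against the bucket ARN
ACL_WRITE = {"s3:PutObjectAcl"}    # can change an object's visibility

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_object_arn(arn):
    # arn:aws:s3:::bucket is the bucket; arn:aws:s3:::bucket/key is an object
    return "/" in arn.split(":::", 1)[1]

def split_policy(policy):
    """Return (policy with one statement per resource type, ACL-write actions found)."""
    statements, acl_found = [], set()
    for stmt in policy["Statement"]:
        actions, resources = as_list(stmt["Action"]), as_list(stmt["Resource"])
        acl_found |= ACL_WRITE & set(actions)
        groups = [
            ([a for a in actions if a in BUCKET_LEVEL],
             [r for r in resources if not is_object_arn(r)]),
            ([a for a in actions if a not in BUCKET_LEVEL],
             [r for r in resources if is_object_arn(r)]),
        ]
        for acts, res in groups:
            if acts and res:  # drop pairings that would grant nothing
                statements.append({**stmt, "Action": acts, "Resource": res})
    return {**policy, "Statement": statements}, sorted(acl_found)

if __name__ == "__main__":
    tightened, acl = split_policy(PAGE_POLICY)
    print(json.dumps(tightened, indent=4))
    print("ACL-write actions to review:", acl)
```

The split grants the same access as the original policy; its value is that each statement can then be narrowed on its own, for example by restricting the object ARN to a key prefix or dropping `s3:PutObjectAcl` when objects should never be made public.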

That's all!
