AWS S3 policy generator
09 Oct 2017 | amazon
The tool
What for ?
“The AWS Policy Generator is a tool that enables you to create policies that control access to Amazon Web Services (AWS) products and resources.”
It lets you specify fine-grained rules for all the actions that can be performed on resources.
How ?
1. Specify your rules
2. Click Add statement
3. Repeat steps 1 and 2 until you are satisfied
4. Click Generate policy
5. Copy-paste the JSON into your bucket authorization strategy (MY-BUCKET > Authorizations > Bucket Strategy)
6. Save, and voilà!
Examples
Note that the Sid can be changed, but it needs to be unique. This can be useful for describing a policy.
Denying bucket deletion to everyone
{
  "Id": "Policy1507xxxxxxx",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt150xxxxxxx",
      "Action": [
        "s3:DeleteBucket"
      ],
      "Effect": "Deny",
      "Resource": "arn:aws:s3:::MY-BUCKET",
      "Principal": "*"
    }
  ]
}
Static hosting without public listing
{
  "Id": "Policy1507xxxxx",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt150xxxxxxxx",
      "Action": [
        "s3:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::MY-BUCKET/*",
      "Principal": "*"
    }
  ]
}
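A small check to run on a generated policy before pasting it into the bucket, as an added example (not part of the original post and not an AWS tool): it flags duplicate Sids, bucket-level actions attached to object ARNs and the reverse, and Allow statements that let anonymous principals list the bucket. The action sets are partial and the sample policy is constructed for illustration.

```python
import json

# Small subsets of S3 actions, enough for the policies on this page (not a full list).
BUCKET_ACTIONS = {"s3:DeleteBucket", "s3:ListBucket"}                 # Resource: arn:aws:s3:::bucket
OBJECT_ACTIONS = {"s3:GetObject", "s3:PutObject", "s3:DeleteObject"}  # Resource: arn:aws:s3:::bucket/key

# Constructed policy: a static-hosting statement plus deliberate mistakes to report.
SAMPLE_POLICY = """
{"Version": "2012-10-17", "Statement": [
  {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
   "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::MY-BUCKET/"},
  {"Sid": "PublicRead", "Effect": "Allow", "Principal": {"AWS": "*"},
   "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::MY-BUCKET"},
  {"Sid": "NoDelete", "Effect": "Deny", "Principal": "*",
   "Action": "s3:DeleteBucket", "Resource": "arn:aws:s3:::MY-BUCKET/*"}
]}
"""

def as_list(value):
    """Policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def is_public(principal):
    """True for "*" or {"AWS": "*"}, i.e. anonymous access."""
    if isinstance(principal, dict):
        return "*" in as_list(principal.get("AWS", []))
    return principal == "*"

def lint_policy(policy_json):
    """Return (sid, message) findings for a bucket policy document."""
    findings, seen_sids = [], set()
    for stmt in as_list(json.loads(policy_json)["Statement"]):
        sid = stmt.get("Sid", "")
        if sid and sid in seen_sids:
            findings.append((sid, "duplicate Sid"))
        seen_sids.add(sid)
        public_allow = stmt.get("Effect") == "Allow" and is_public(stmt.get("Principal"))
        for action in as_list(stmt.get("Action", [])):
            if public_allow and action in ("s3:ListBucket", "s3:*"):
                findings.append((sid, "anonymous users can list the bucket"))
            for arn in as_list(stmt.get("Resource", [])):
                bucket, slash, key = arn.split(":::", 1)[-1].partition("/")
                if action in BUCKET_ACTIONS and slash:
                    findings.append((sid, f"{action} needs the bucket ARN, not {arn}"))
                elif action in OBJECT_ACTIONS and not key:
                    findings.append((sid, f"{action} needs an object ARN such as arn:aws:s3:::{bucket}/*"))
    return findings

if __name__ == "__main__":
    for sid, message in lint_policy(SAMPLE_POLICY):
        print(f"[{sid}] {message}")
```

An empty result means none of these three checks fired; it does not replace reviewing the policy in the S3 console.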