How to Make a Folder or Directory Private in a Public S3 Bucket
AWS provides a policy element called NotResource (not found in the Policy Generator currently). The "NotResource" element lets you grant or deny access to all but a few of your resources, by allowing you to specify only those resources to which your policy should not be applied.

Use case: allow access to all objects in mybucket except the private directory.
The following would be the required policy statement:
{
  "Sid": "AllowAccessToAllExceptPrivate",
  "Action": [
    "s3:GetObject",
    "s3:GetObjectVersion"
  ],
  "Effect": "Allow",
  "NotResource": [
    "arn:aws:s3:::mybucket/prefix1/prefix2/private/*",
    "arn:aws:s3:::mybucket/prefix1/prefix2/private"
  ],
  "Principal": {
    "AWS": [
      "*"
    ]
  }
}
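To check which object keys the statement above actually covers before attaching it, the following added example (not part of the original post, and not AWS code) models only the NotResource wildcard matching in Python. The helper names and the sample keys are assumptions constructed for illustration; Action and Principal matching are not modelled.

```python
import json
import re

# The statement from the post, embedded so the example runs offline.
STATEMENT = json.loads("""{
  "Sid": "AllowAccessToAllExceptPrivate",
  "Action": ["s3:GetObject", "s3:GetObjectVersion"],
  "Effect": "Allow",
  "NotResource": [
    "arn:aws:s3:::mybucket/prefix1/prefix2/private/*",
    "arn:aws:s3:::mybucket/prefix1/prefix2/private"
  ],
  "Principal": {"AWS": ["*"]}
}""")

# Constructed sample keys (hypothetical, not from the post).
SAMPLE_KEYS = [
    "index.html",
    "prefix1/prefix2/public/logo.png",
    "prefix1/prefix2/private",
    "prefix1/prefix2/private/report.pdf",
    "prefix1/prefix2/private-backup/db.sql",  # sibling prefix that shares the name
]

def arn_pattern_to_regex(pattern):
    """Translate policy wildcards: '*' is any run of characters, '?' exactly one."""
    body = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.compile(body, re.DOTALL)

def statement_applies(statement, bucket, key):
    """True when the object's ARN matches no NotResource entry, so the Allow covers it."""
    arn = f"arn:aws:s3:::{bucket}/{key}"
    excluded = statement["NotResource"]
    if isinstance(excluded, str):  # the element may be a single string
        excluded = [excluded]
    return not any(arn_pattern_to_regex(p).fullmatch(arn) for p in excluded)

def classify(statement, bucket, keys):
    """Map each key to 'allowed' or 'not covered' for this one statement."""
    return {k: "allowed" if statement_applies(statement, bucket, k) else "not covered" for k in keys}

if __name__ == "__main__":
    for key, verdict in classify(STATEMENT, "mybucket", SAMPLE_KEYS).items():
        print(f"{verdict:12} {key}")
```

"not covered" only means this Allow does not apply to the object; it is not an explicit deny, so any other statement or ACL that grants read access to those keys still takes effect. The `private-backup` key shows that only the exact `private` key and keys under `private/` are excluded.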