티스토리 뷰

공부

[s3] iam role or user policy

승가비 2023. 7. 30. 16:24
728x90

https://aws.amazon.com/ko/blogs/security/how-to-restrict-amazon-s3-bucket-access-to-a-specific-iam-role/

 

How to Restrict Amazon S3 Bucket Access to a Specific IAM Role | Amazon Web Services

April 2, 2021: In the section “Granting cross-account bucket access to a specific IAM role,” we’ve updated the second policy to fix an error. I am a cloud support engineer here at AWS, and customers often ask me how they can limit Amazon S3 bucket ac

aws.amazon.com

https://stackoverflow.com/questions/56678539/wildcard-at-end-of-principal-for-s3-bucket

 

Wildcard at end of principal for s3 bucket

I want to allow roles within an account that have a shared prefix to be able to read from an S3 bucket. For example, we have a number of roles named RolePrefix1, RolePrefix2, etc, and may create mo...

stackoverflow.com

https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-anonymous

 

AWS JSON policy elements: Principal - AWS Identity and Access Management

If your Principal element in a role trust policy contains an ARN that points to a specific IAM user, then IAM transforms the ARN to the user's unique principal ID when you save the policy. This helps mitigate the risk of someone escalating their privileges

docs.aws.amazon.com

 

728x90
댓글