Intellipaat Back

Explore Courses Blog Tutorials Interview Questions
0 votes
2 views
in AWS by (19.1k points)

I want to create an AWS access key that only allows s3. That means the key can't be used with any other service. Is it possible? How?

1 Answer

0 votes
by (44.4k points)
edited by

Yeah, you can use AWS IAM.

For security purposes, you should not give anyone your root credentials, instead, make them an IAM User with specified roles and policies,

You can directly create users and policies from the IAM console:

 {

  "Version": "2012-10-17",

  "Statement": [

    {

      "Effect": "Allow",

      "Action": ["s3:ListAllMyBuckets"],

      "Resource": "arn:aws:s3:::*"

    },

    {

      "Effect": "Allow",

      "Action": [

        "s3:ListBucket",

        "s3:GetBucketLocation"

      ],

      "Resource": "arn:aws:s3:::bucket-name"

    },

    {

      "Effect": "Allow",

      "Action": [

        "s3:PutObject",

        "s3:GetObject",

        "s3:DeleteObject"

      ],

      "Resource": "arn:aws:s3:::bucket-name/*"

    }

  ]

}

Want more insights on AWS, Check out AWS Certification! 

Related questions

Want to get 50% Hike on your Salary?

Learn how we helped 50,000+ professionals like you !

0 votes
1 answer

31k questions

32.8k answers

501 comments

693 users

Browse Categories

...