Oluwatobi

Posted on Aug 4, 2024

Aws-S3-Bucket-Policy-Exploration

#aws #git #github

Project Description:

This project will guide you through creating a simple S3 bucket, defining a policy to manage access permissions, creating IAM Users and Groups, and assigning roles to each group.

Project Task:

Create an S3 Bucket
Understanding S3 Bucket Resource Base Policies
Create IAM users and Groups
Policy Configuration

Step 1: Create an S3 bucket

Navigate to the S3 service

Click the "Create bucket" button

Follow the prompts to configure your new S3 bucket ( maintain the default settings)

You might get this prompt, S3 naming convention is unique (You can't have two buckets with the same name in the whole of AWS infrastructure)
Add some extra characters or texts

Step 2: Understanding S3 Bucket Policies [How Amazon S3 works with IAM]

Scenario: As the cloud Architect, you're to

Create IAM users, and assign them to different groups

Group 1 - Developers [Users - Gift, grace]
Group 2 - Auditors [Ali, Josh]
Group 3 - Operations [ Samuel, Lovet]

Assign different roles (policies) to each group

Groups	Roles
Developers	EC2
Auditors	Billing and cost Management
Operation	Networking

Each Group has a lead, assign Resource-based policies within Amazon S3 only to the lead of each group

2.1 Creating groups and assigning permissions

Navigate to IAM

Select User groups

Create groups

Apply the same Steps to create the other groups

### 2.2 Creating and Adding Users

Apply the same Steps to create the Users you want

2.3 Assign Resource-based policies within Amazon S3 only to the lead of each group

Assuming the leads are

Auditors - Ali

Developers - Grace

Operations - Samuel

Navigate to the bucket you created

Select Permission

Edit Bucket Policy

Copy this code

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AddPublicReadCannedAcl",
            "Effect": "Allow",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::471112799800:user/Ali",
                    "arn:aws:iam::471112799800:user/Samuel",
                    "arn:aws:iam::471112799800:user/grace"
                ]
            },
            "Action": [
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": "arn:aws:s3:::bucketttesting/*",
            "Condition": {
                "StringEquals": {
                    "s3:x-amz-acl": "public-read"
                }
            }
        }
    ]
}

Edit the principal, Copy the ARN URL of the users

Edit the Resource, Copy the bucket ARN
You can edit the action if you want

Save Changes

Alternatively

Use the policy generator

Select S3 Bucket policy

Select Allow

Select any action, you can select as many as you like

Copy the bucket ARN

Select Generate Policy

Speedy emails, satisfied customers

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

DEV Community

Aws-S3-Bucket-Policy-Exploration

Project Description:

Project Task:

Step 1: Create an S3 bucket

Step 2: Understanding S3 Bucket Policies [How Amazon S3 works with IAM]

Scenario: As the cloud Architect, you're to

Create IAM users, and assign them to different groups

Assign different roles (policies) to each group

Each Group has a lead, assign Resource-based policies within Amazon S3 only to the lead of each group

2.1 Creating groups and assigning permissions

Apply the same Steps to create the other groups

Apply the same Steps to create the Users you want

2.3 Assign Resource-based policies within Amazon S3 only to the lead of each group

Alternatively

Speedy emails, satisfied customers

Top comments (0)

This site is built on Heroku

Read next

Querying S3 logs in a flash with DuckDB 🦆

Google Axion: A New Leader in ARM Server Performance

How to validate requests when using AWS Lambda Function Url

First Impressions of AWS DSQL with Lambda and Rust

Okay