Step 1. Identify the S3 Access Policy Elements

Identify the principal, actions, and resources to insert in the access policy.
The following table describes the tags to set in the access policy:
| Tag | Description |
| --- | --- |
| Principal | The user, service, or account that receives permissions that are defined in a policy. Assign the owner of the S3 bucket resources as the principal. The S3 bucket owner and the owner of resources within the bucket can be different. |
| Action | The activity that the principal has permission to perform. In the sample, the Action tag lists two put actions and one get action. You must specify both get and put actions to grant read and write access to the S3 resource. |
| Resource | The S3 bucket, or folder within a bucket. Include only resources in the same bucket. |

Sample S3 Policy JSON Statement

The following JSON statement contains the basic elements of an S3 bucket access policy:
{
  "Version": "<date>",
  "Id": "Allow",
  "Statement": [
    {
      "Sid": "<Statement ID>",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::<account_2_ID>:<user>"
      },
      "Action": [
        "s3:PutObject",
        "s3:PutObjectAcl",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::<bucket_1_name>/foldername/*"
      ]
    }
  ]
}
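The rules in the table above can be checked before a policy is applied. The following Python check is an added example, not part of the original documentation: it verifies that a statement names an AWS principal, grants both get and put actions, and lists resources from a single bucket. The function names, the account ID, the user, and the bucket name are constructed for illustration, and the wildcard-principal check is an addition that the table does not mention.

```python
import json
# Constructed sample: account ID, user and bucket names are made up.
SAMPLE_POLICY = """{
  "Version": "2012-10-17",
  "Id": "Allow",
  "Statement": [{
    "Sid": "AllowAccount2",
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:user/example-user"},
    "Action": ["s3:PutObject", "s3:PutObjectAcl", "s3:GetObject"],
    "Resource": ["arn:aws:s3:::example-bucket-1/foldername/*"]
  }]
}"""
S3_ARN_PREFIX = "arn:aws:s3:::"

def as_list(value):
    """Policy fields may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def bucket_of(resource_arn):
    """Return the bucket name from an S3 resource ARN."""
    if not resource_arn.startswith(S3_ARN_PREFIX):
        raise ValueError(f"not an S3 ARN: {resource_arn}")
    return resource_arn[len(S3_ARN_PREFIX):].split("/", 1)[0]

def check_statement(stmt):
    """Return a list of findings for one statement (empty means OK)."""
    findings = []
    principal = stmt.get("Principal")
    aws = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else []
    if principal == "*" or not aws or "*" in aws:
        findings.append("principal: no named AWS principal (missing or wildcard)")
    actions = [a.lower() for a in as_list(stmt.get("Action", []))]
    for verb in ("get", "put"):
        if not any(a.startswith(f"s3:{verb}") or a in ("*", "s3:*") for a in actions):
            findings.append(f"action: no {verb} action, so access is one-way")
    buckets = {bucket_of(r) for r in as_list(stmt.get("Resource", []))}
    if len(buckets) != 1:
        findings.append(f"resource: expected one bucket, found {sorted(buckets)}")
    return findings

def check_policy(policy_json):
    """Map each statement's Sid (or its index) to its findings."""
    policy = json.loads(policy_json)
    return {s.get("Sid", f"#{i}"): check_statement(s)
            for i, s in enumerate(as_list(policy["Statement"]))}

if __name__ == "__main__":
    print(check_policy(SAMPLE_POLICY))
```

An empty findings list for every statement means the policy follows the three rules in the table.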