Data Engineering Integration
- Data Engineering Integration 10.5.2
- All Products
Tag
| Description
|
---|---|
Principal
| The user, service, or account that receives permissions that are defined in a policy.
Assign the owner of the S3 bucket resources as the principal.
The S3 bucket owner and the owner of resources within the bucket can be different.
|
Action
| The activity that the principal has permission to perform.
In the sample, the Action tag lists two put actions and one get action.
You must specify both get and put actions to grant read and write access to the S3 resource.
|
Resource
| The S3 bucket, or folder within a bucket.
Include only resources in the same bucket.
|
{ "Version": "<date>", "Id": "Allow", "Statement": [ { "Sid": "<Statement ID>", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::<account_2_ID>:<user>" } "Action":[ "s3:PutObject","s3:PutObjectAcl", "s3:GetObject" ] "Resource": [ "Resource": "arn:aws:s3:::<bucket_1_name>/foldername/*" ] }