Configuring IAM Authentication for Amazon S3 and Amazon S3 V2 Connectors

Configuring IAM Authentication for Amazon S3 and Amazon S3 V2 Connectors

Create a Minimal Amazon S3 Bucket Policy

Create a Minimal Amazon S3 Bucket Policy

The minimal Amazon S3 bucket policy restricts user operations and user access to a particular Amazon S3 bucket by assigning an AWS IAM policy to the users. You can configure the AWS IAM policy through the AWS console.
You can use the following minimum required actions when you use Amazon S3 Connector and Amazon S3 V2 Connector to successfully read data from and write data to Amazon S3 bucket:
  • PutObject
  • GetObject
  • DeleteObject
  • ListBucket
  • GetBucketPolicy
  • ListBucketMultipartUploads. Applicable only for mappings in advanced mode.
Do not add the GetBucketPolicy permission in the Amazon S3 bucket policy when you use Amazon S3 V2 Connector. Amazon S3 V2 Connector does not support the GetBucketPolicy permission.
The following snippet shows a sample Amazon S3 bucket policy for Amazon S3 Connector:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject","s3:DeleteObject", "s3:ListBucket", "s3:GetBucketPolicy" ], "Resource": [ "arn:aws:s3:::<bucket_name>/*", "arn:aws:s3:::<bucket_name>" ] } ] }
The following snippet shows a sample Amazon S3 bucket policy for Amazon S3 V2 Connector:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject", "s3:DeleteObject", "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::<bucket_name>/*", "arn:aws:s3:::<bucket_name>" ] } ] }

0 COMMENTS

We’d like to hear from you!