Reputation: 1584
I understand that in AWS we can control access to an AWS S3 bucket, as well as to the contained folders, for each user by using the username variable in the bucket IAM policy. I followed this blog: Writing IAM Policies: Grant Access to User-Specific Folders in an Amazon S3 Bucket
The question is that I do not see how this can also be possible for groups, because I want to create folders for groups rather than folders for users. According to this, IAM Policy Elements: Variables and Tags, I understand that there is NO variable group that I can use in the policy.
Any idea? Thanks
Upvotes: 0
Views: 276
Reputation: 270294
I don't think this would be possible because an IAM User can be in multiple IAM Groups, so the name of the folder would not be predictable.
Instead, you would need to add a policy to each group that grants access to a specific bucket + path.
Upvotes: 1
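The per-group approach from the answer above, as an added example that is not part of the original thread: it builds one policy document per group with the folder name written literally in place of a policy variable, then attaches it as an inline group policy. The bucket name, group names, policy-name scheme and function names are assumptions; `put_group_policy` is the boto3 IAM client call.

```python
import json

def group_folder_policy(bucket, folder):
    """Policy document limiting a group to one folder (key prefix) of a bucket."""
    prefix = folder.strip("/")
    # Reject wildcards and policy-variable syntax so the prefix stays literal.
    if not prefix or any(ch in prefix for ch in "*?$"):
        raise ValueError("folder must be a literal, non-empty prefix")
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # Listing is a bucket-level action, so scope it by key prefix.
                "Sid": "ListOnlyGroupFolder",
                "Effect": "Allow",
                "Action": "s3:ListBucket",
                "Resource": f"arn:aws:s3:::{bucket}",
                "Condition": {"StringLike": {"s3:prefix": [f"{prefix}/*"]}},
            },
            {   # Object-level actions are scoped by the object ARN.
                "Sid": "ObjectAccessInGroupFolder",
                "Effect": "Allow",
                "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
                "Resource": f"arn:aws:s3:::{bucket}/{prefix}/*",
            },
        ],
    }

def attach_group_folder_policies(iam, bucket, group_to_folder):
    """Attach one inline policy per IAM group; `iam` is a boto3 IAM client."""
    for group, folder in group_to_folder.items():
        iam.put_group_policy(
            GroupName=group,
            PolicyName=f"s3-folder-access-{group}",  # assumed naming scheme
            PolicyDocument=json.dumps(group_folder_policy(bucket, folder)),
        )

# Constructed sample mapping of group name -> folder; all names are placeholders.
SAMPLE_GROUPS = {"engineering": "engineering", "finance": "finance"}

if __name__ == "__main__":
    for group, folder in SAMPLE_GROUPS.items():
        print(group, json.dumps(group_folder_policy("example-bucket", folder), indent=2))
```

A user who belongs to several groups gets access to each of those groups' folders, since the Allow statements from all attached group policies apply together.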