IAM-Create a policy to deny the access of Specific bucket.

 

Policy

  1.  Create a policy to deny the access of Specific bucket.

1)     Create IAM user --> abc

2)     Select abc user then go to permissions

3)    Click on add permissions and add AmazonS3FullAccess
then again create inline policy for deny the access of Specific bucket


4)    Select a service --> service --> S3



5)    In actions allowed --> effect – select deny
select Actions PutObject, ListBucket, GetObject


6)    In Resources --> select specific
In Bucket --> click Add ARNs --> "arn:aws:s3:::your-bucket-name"
In Object --> click Add ARNs --> "arn:aws:s3:::your-bucket-name/*" ( * bcoz to apply for all objects)



7)    Enter policy name --> click on create policy



Comments

Post a Comment

Popular posts from this blog

IAM-Create a policy to place the user in a group only.

Image
  Policy Create a policy to place the user in a group only. 1)   Create IAM user -->  abc 2)   Select abc user then go to permissions 3)   Click on add permissions and click create inline policy ( or you can create policy separately and then attach to user) 4)   Select a service -->  service  -->  IAM 5)  In actions allowed --> effect – select allow select Actions  -->   ListUsers, AddUserToGroup, GetUser, ListGroups, GetGroup 6) Enter policy name -->  click on create policy
Read more