Create isolated bucket on S3

  1. setup
    1. create IAM group
      1. add simple, custom policy below
      2. do not add any other policies to group
    2. create IAM user and put in above IAM group
      1. create and download key and secret for user
    3. create bucket "mybucket01" in S3
      1. you don't have to touch perms of bucket itself
  2. client
    1. install s3fox addon for Firefox from www.s3fox.net
      1. older versions FAIL! get it only at www.s3fox.net
    2. open s3fox addon
      1. Firefox -> Tools -> S3 Organizer
    3. add only one user to "Manage Accounts" using user key and secret
    4. in right-hand window of s3fox add "/mybucket01" NOT "/"
      1. "/" will give you "Access Denied"
        1. because the user does not have perms to list all buckets at the root, only to access mybucket01

Custom policy for the IAM group:
{
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:ListAllMyBuckets",
            "Resource": "arn:aws:s3:::mybucket01"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::mybucket01",
                "arn:aws:s3:::mybucket01/*"
            ]
        }
    ]
}   
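To see what this policy does and does not grant, the following added example (not part of the original post) runs a few constructed requests through a simplified Allow-only evaluator. The evaluator, the sample requests, the bucket name `otherbucket`, and the modelling of the account-level list call as resource `*` are assumptions made for illustration. Real IAM evaluation also handles Deny, conditions and other policy types.

```python
import json
from fnmatch import fnmatchcase

# Same statements as the group policy on this page.
POLICY = json.loads("""
{"Statement": [
    {"Effect": "Allow", "Action": "s3:ListAllMyBuckets",
     "Resource": "arn:aws:s3:::mybucket01"},
    {"Effect": "Allow", "Action": "s3:*",
     "Resource": ["arn:aws:s3:::mybucket01", "arn:aws:s3:::mybucket01/*"]}
]}
""")

def as_list(value):
    """IAM lets Action/Resource be a single string or a list."""
    return value if isinstance(value, list) else [value]

def is_allowed(policy, action, resource):
    """Simplified model: a request is allowed only if one Allow statement
    matches both action (case-insensitive) and resource (case-sensitive),
    with * wildcards. Anything else is an implicit deny."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        action_ok = any(fnmatchcase(action.lower(), a.lower())
                        for a in as_list(stmt["Action"]))
        resource_ok = any(fnmatchcase(resource, r)
                          for r in as_list(stmt["Resource"]))
        if action_ok and resource_ok:
            return True
    return False

# Constructed sample requests (action, resource).
REQUESTS = [
    ("s3:ListAllMyBuckets", "*"),  # assumption: account-level call, no bucket ARN
    ("s3:ListBucket", "arn:aws:s3:::mybucket01"),
    ("s3:GetObject", "arn:aws:s3:::mybucket01/report.txt"),
    ("s3:GetObject", "arn:aws:s3:::otherbucket/report.txt"),
    ("s3:PutBucketPolicy", "arn:aws:s3:::mybucket01"),  # also covered by s3:*
]

def evaluate_all():
    return {req: is_allowed(POLICY, *req) for req in REQUESTS}

if __name__ == "__main__":
    for (action, resource), ok in evaluate_all().items():
        print(f"{'ALLOW' if ok else 'DENY ':5}  {action:22} {resource}")
```

The last request shows that `s3:*` also covers bucket-level administration such as `s3:PutBucketPolicy`. If the user only needs to read and write objects, list the specific actions in place of `s3:*`.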
