Characteristics of Amazon S3 Bucket Security:
- User-Based
  - IAM Policies
- Resource-Based
  - Bucket Policies – bucket wide rules from the S3 console
  - Object Access Control List (ACL) – finer grain
  - Bucket Access Control List (ACL) – less common
- Encryption S3
- JSON Based Policies
  - Resource: buckets and objects
  - Effect: Allow / Deny
  - Actions: set of API actions to allow or deny
  - Principal: the account or user to apply the policy to
- Use S3 bucket policy to:
  - Grant public access to the bucket
  - Force objects to be encrypted at upload
  - Grant access to another account (Cross Account)
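An added example, not part of the original notes: a small Python check that reads a bucket policy and labels each statement with the use case it implements (public access, forced encryption at upload, cross-account access). The bucket name, account IDs and the `audit`/`classify` helpers are constructed for illustration, and the classification is a simplified heuristic, not AWS's own policy evaluation.

```python
import json

# Constructed sample policy: bucket name and account IDs are placeholders.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
  {"Sid": "DenyUnencryptedUploads", "Effect": "Deny", "Principal": "*",
   "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-bucket/*",
   "Condition": {"Null": {"s3:x-amz-server-side-encryption": "true"}}},
  {"Sid": "CrossAccountRead", "Effect": "Allow",
   "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
   "Action": ["s3:GetObject", "s3:ListBucket"],
   "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}
]}
""")
SSE_KEY = "s3:x-amz-server-side-encryption"

def as_list(value):
    """Policy fields may hold a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def aws_principals(principal):
    if isinstance(principal, dict):
        return as_list(principal.get("AWS", []))
    return as_list(principal) if principal else []

def account_of(principal):  # account ID from an IAM ARN or a bare account ID
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def classify(stmt, own_account):
    effect, cond = stmt.get("Effect"), stmt.get("Condition", {})
    principals = aws_principals(stmt.get("Principal"))
    if effect == "Allow" and "*" in principals:
        # A wildcard Allow with no Condition applies to anyone on the internet.
        return "conditional-wildcard-grant" if cond else "public-grant"
    if effect == "Deny" and "s3:PutObject" in as_list(stmt.get("Action", [])):
        if any(SSE_KEY in keys for keys in cond.values()):
            return "enforce-encryption"
    if effect == "Allow" and {account_of(p) for p in principals} - {own_account}:
        return "cross-account-grant"
    return "other"

def audit(policy, own_account):
    """Map each statement's Sid to the use case it implements."""
    return {s.get("Sid", f"statement-{i}"): classify(s, own_account)
            for i, s in enumerate(as_list(policy["Statement"]))}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_POLICY, own_account="999988887777"), indent=2))
```

Any statement labelled `public-grant` is the one to review first, since it applies to every caller without restriction.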
Steps to configure a bucket policy for Amazon S3 Bucket Security:
Click on edit
Click Policy Generator
Choose S3 bucket Policy
Example of generator policy
Paste the policy