How to give access for a user to list objects in a particular bucket

Objective:

Show how to give a user access to a particular bucket.

Documentation:

Steps:

  1. Deploy MinIO and have access to Console.

  2. Use a policy that allows listing a single S3 bucket named testing-bucket:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::testing-bucket"
            ]
        }
    ]
}

Notice I added the "s3:ListBucket" action, and the resource covers only one bucket: testing-bucket.

  3. Now list the objects:
$ mc ls myminio/testing-bucket
[2023-03-14 12:21:43 EDT] 1.3KiB STANDARD README.md

Additions:

Additionally, if you want to allow listing on any bucket, you can use this policy:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetBucketLocation",
                "s3:GetObject",
                "s3:List*"
            ],
            "Resource": [
                "arn:aws:s3:::*"
            ]
        }
    ]
}
  • Again, the "s3:List*" action under the "arn:aws:s3:::*" resource will do the trick!
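
To compare what the two policies above actually grant, here is an added example (not part of the original wiki page and not MinIO's evaluator) that checks constructed requests against each policy using a simplified IAM-style match. It assumes Allow statements only, `*` wildcards and no conditions; `allowed`, `grants` and the sample requests are hypothetical names and data.

```python
from fnmatch import fnmatchcase

# The two policies from this page, reduced to their single Allow statement.
ACTIONS_ONE = ["s3:GetBucketLocation", "s3:GetObject", "s3:ListBucket"]
ACTIONS_ANY = ["s3:GetBucketLocation", "s3:GetObject", "s3:List*"]
SINGLE_BUCKET = {"Statement": [{"Effect": "Allow", "Action": ACTIONS_ONE,
                                "Resource": ["arn:aws:s3:::testing-bucket"]}]}
ANY_BUCKET = {"Statement": [{"Effect": "Allow", "Action": ACTIONS_ANY,
                             "Resource": ["arn:aws:s3:::*"]}]}

ARN = "arn:aws:s3:::"
# Constructed sample requests: (action, resource ARN the action is checked against).
REQUESTS = [
    ("s3:ListBucket", ARN + "testing-bucket"),
    ("s3:GetObject", ARN + "testing-bucket/README.md"),
    ("s3:ListBucket", ARN + "other-bucket"),
    ("s3:ListBucketVersions", ARN + "other-bucket"),
    ("s3:GetObject", ARN + "other-bucket/report.csv"),
    ("s3:PutObject", ARN + "testing-bucket/README.md"),
]

def allowed(policy, action, resource):
    """Simplified model: Allow statements only, '*' wildcards, no conditions."""
    for stmt in policy["Statement"]:
        if stmt["Effect"] != "Allow":
            continue
        action_ok = any(fnmatchcase(action, a) for a in stmt["Action"])
        resource_ok = any(fnmatchcase(resource, r) for r in stmt["Resource"])
        if action_ok and resource_ok:
            return True
    return False  # no matching Allow means the request is denied

def grants(policy):
    """Return the subset of REQUESTS that the policy allows."""
    return [req for req in REQUESTS if allowed(policy, *req)]

if __name__ == "__main__":
    for name, policy in (("single-bucket", SINGLE_BUCKET), ("any-bucket", ANY_BUCKET)):
        print(name)
        for action, resource in grants(policy):
            print("  allow", action, resource)
```

In this model the single-bucket policy allows listing testing-bucket but not reading its objects, because s3:GetObject is checked against object ARNs such as arn:aws:s3:::testing-bucket/README.md, which the bucket-only resource does not match. The wildcard policy allows every List action and s3:GetObject on every bucket and object.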