This policy allows the user “MyUser” to access the “mysharedfolder” folder inside the “my-bucket” S3 bucket and to get, put, and delete objects within that folder. It also allows the user to list the bucket, through s3:ListBucket on the bucket ARN. Access is limited to the specified user by attaching the policy to that user; the policy itself contains no Principal or Condition element. Naming the bucket and folder by ARN in the Resource element keeps the object permissions scoped to that folder rather than to the whole bucket.
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:PutObject",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::my-bucket/mysharedfolder/*"
            ]
        }
    ]
}
Note: You will need to replace “my-bucket” with the name of your own S3 bucket and “mysharedfolder” with the name of your own shared folder. You will also need to attach this policy to the IAM user “MyUser” in order for it to take effect.
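The first statement grants s3:ListBucket on the whole bucket, so the user can list keys outside “mysharedfolder” even though object reads and writes are confined to it. The following check and fix is an added example, not part of the original page: the function names are hypothetical, and it uses the s3:prefix condition key to confine listing to the folder.

```python
import copy
import json
from fnmatch import fnmatchcase

# The policy from this page, embedded unchanged.
PAGE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow", "Action": ["s3:ListBucket"],
   "Resource": ["arn:aws:s3:::my-bucket"]},
  {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"],
   "Resource": ["arn:aws:s3:::my-bucket/mysharedfolder/*"]}]}
""")

def as_list(value):
    return value if isinstance(value, list) else [value]

def grants_list_bucket(statement):
    """Allow statement whose Action matches s3:ListBucket, wildcards included."""
    return statement.get("Effect") == "Allow" and any(
        fnmatchcase("s3:listbucket", a.lower()) for a in as_list(statement.get("Action", [])))

def prefix_patterns(statement):
    """All s3:prefix values under StringLike/StringEquals in the Condition block."""
    found = []
    for operator, keys in statement.get("Condition", {}).items():
        if operator in ("StringLike", "StringEquals"):
            for key, value in keys.items():
                if key.lower() == "s3:prefix":
                    found += as_list(value)
    return found

def unscoped_list_statements(policy, folder):
    """Indexes of statements that let the caller list keys outside folder/."""
    hits = []
    for index, statement in enumerate(as_list(policy["Statement"])):
        patterns = prefix_patterns(statement)
        inside = patterns and all(p.startswith(folder + "/") for p in patterns)
        if grants_list_bucket(statement) and not inside:
            hits.append(index)
    return hits

def scope_listing(policy, folder):
    """Return a copy where every ListBucket grant is limited to folder/ by s3:prefix."""
    scoped = copy.deepcopy(policy)
    for index in unscoped_list_statements(scoped, folder):
        condition = as_list(scoped["Statement"])[index].setdefault("Condition", {})
        condition.setdefault("StringLike", {})["s3:prefix"] = [folder + "/*"]
    return scoped
```

Calling `scope_listing(PAGE_POLICY, "mysharedfolder")` returns the same policy with `"Condition": {"StringLike": {"s3:prefix": ["mysharedfolder/*"]}}` added to the ListBucket statement. The check does not evaluate Deny or NotAction statements.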