Ends in
00
days
00
hrs
00
mins
00
secs
SHOP NOW

Valentine's Sale Extension - Get 20% OFF Any Reviewer. Use Coupon Code: CLOUD-DOJO

Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Solutions Architect Associate Query on json policy

  • vijayasenthil-dhandapani

    Member
    July 31, 2020 at 4:20 am

    Hi friends i have a query in below policy , what i understand is1) there are 2 statments in policy

    2) first statement is allowing Get(read) and List access to entire bucket in account

    3)second statement is allowing PUTObject(write) access only to tutorialsdojo bucket{

    “Version”: “2012-10-17”,

    “Statement”: [

    {

    “Effect”: “Allow”,

    “Action”: [

    “s3:Get*”,

    “s3:List*”

    ],

    “Resource”: “*”

    },

    {

    “Effect”: “Allow”,

    “Action”: “s3:PutObject”,

    “Resource”: “arn:aws:s3:::tutorialsdojo/*”

    }

    ]

    }Query is how come 2nd statment allowing read access to tutorialsdojo bucket as the option is correct in practice test , i lack something in understanding this question . whether both statments is evaluated seperately or how or all read and list operations allowed by default and write is restricted only to tutorialsdojo bucket

  • TutorialsDojo-Support

    Member
    August 3, 2020 at 10:22 am

    Hello vijayasenthil-dhandapani

    For your question,

    – An IAM user with this IAM policy is allowed to read objects from the ‘tutorialsdojo’ S3 bucket.

    Based on the provided IAM policy, the user is only allowed to get (s3:Get*), write(s3:PutObject), and list (s3:List*) all of the objects for the ‘tutorialsdojo’ s3 bucket. Since get and list policies are *, the policy is applicable in all resources.

    The s3:PutObject basically means that you can submit a PUT object request to the S3 bucket to store data.

    I hope this helps.

    Regards,

    Gerome Pagatpatan @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now