1

I created S3 bucket and I have added one user in IAM. Suppose my bucuket name sample123. When in bucket ploicy I mentioned resource like below statement user is not able to upload document.

Resource": "arn:aws:s3:::sample123"

But when resource is mentioned in policy as below , the user is able to upload document.

Resource": [ "arn:aws:s3:::sample123","arn:aws:s3:::sample123/*"]

what adding /* to ARN will do in policy. Note : I gave full bucket permissions to the user.

Aravind Babu Konda
  • 103
  • 1
  • 1
  • 9

1 Answers1

-1

sample123/* means the all objects in sample123 bucket.

doc of S3 ARN examples says:

The ARN format for Amazon S3 resources reduces to the following:

arn:aws:s3:::bucket_name/key_name

...

The following ARN uses the wildcard * in the relative-ID part of the ARN to identify all objects in the examplebucket bucket.

arn:aws:s3:::examplebucket/*

Also refer Example of S3 Actions with policy

shimo
  • 2,156
  • 4
  • 17
  • 21