16-07-2022, 10:43 PM
I was able to figure this out. The sample JSON scripts don't really get you all the way there, but here's what I used.
{
  "Id": "Policy1658008936181",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "Stmt1658008933263",
      "Action": "s3:*",
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::bucketname",
      "Principal": {
        "AWS": [
          "arn:aws:iam::accountnumber:user/admin-w"
        ]
      }
    }
  ]
}
I built the statement using the Policy Generator, but it doesn't build it all the way, so you have to go back and add the "arn:aws:iam::accountnumber:user/user-name" line. Not sure why this is, but now that I know, I wanted to pass this along. This may be a noob pitfall, but hopefully this will help someone else at some point.
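A pre-deployment check for the pitfall described in this post, as an added example that is not the poster's code or an AWS tool: it lints a bucket policy for a missing Principal, a malformed S3 resource ARN, and s3:* granted on the bucket ARN alone, which does not cover object-level actions. The function name, finding strings, bucket name and account id are assumptions made up for illustration, as is the guess that the generated draft lacked the Principal element.

```python
import json
import re

# S3 ARNs leave region and account empty: arn:aws:s3:::bucket[/key]
S3_ARN = re.compile(r"^arn:(aws|aws-cn|aws-us-gov):s3:::([^/]+)(/.*)?$")

def as_list(value):
    """Policy JSON allows a string or a list; normalize to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def lint_bucket_policy(policy_text):
    """Return (sid, finding) tuples for an S3 bucket policy document."""
    findings = []
    for stmt in as_list(json.loads(policy_text).get("Statement")):
        sid = stmt.get("Sid", "<no Sid>")
        principal = stmt.get("Principal")
        # A resource-based policy must name who the statement applies to.
        if principal is None and "NotPrincipal" not in stmt:
            findings.append((sid, "missing Principal"))
        elif principal == "*" or (isinstance(principal, dict)
                                  and "*" in as_list(principal.get("AWS"))):
            if stmt.get("Effect") == "Allow" and "Condition" not in stmt:
                findings.append((sid, "Allow for any principal, no Condition"))
        matches = []
        for arn in as_list(stmt.get("Resource")):
            m = S3_ARN.match(arn)
            matches.append(m)
            if m is None:
                findings.append((sid, "malformed S3 ARN: " + arn))
        # Object actions (GetObject, PutObject, ...) only match bucket/key ARNs.
        wildcard = any(a in ("s3:*", "*") for a in as_list(stmt.get("Action")))
        if wildcard and not any(m and m.group(3) for m in matches):
            findings.append((sid, "s3:* without an object resource (bucket/*)"))
    return findings

# Constructed samples: placeholder bucket name and account id.
GENERATED = """{"Version": "2012-10-17", "Statement": [{"Sid": "NoPrincipal",
  "Effect": "Allow", "Action": "s3:*",
  "Resource": "arn:aws:s3:::example-bucket"}]}"""
COMPLETED = """{"Version": "2012-10-17", "Statement": [{"Sid": "WithPrincipal",
  "Effect": "Allow", "Action": "s3:*",
  "Principal": {"AWS": ["arn:aws:iam::111122223333:user/example-user"]},
  "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"]}]}"""

if __name__ == "__main__":
    for name, doc in (("generated", GENERATED), ("completed", COMPLETED)):
        print(name, lint_bucket_policy(doc))
```
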