This tutorial will explain you about how to create custom IAM policy to access S3 Bucket using AWS Policy Generator

 

AWS Policy Generator

AWS policy Generator is a tool that is used to create custom policies easily and correctly.Using this tool you can create different policies like S3 Bucket Policy, SQS Queue Policy, VPC Endpoint Policy , IAM policy and SNS Topic policy.

 

Read About: Important AWS Services you must know

&&  Domain Name Server -How DNS works ?

 

In this tutorial we will learn to create a custom IAM policy to access S3 bucket using this tool.

 

 Generate Custom IAM Policy to access a AWS S3 Bucket

 

 Scenario : Let suppose we have a S3 Bucket name  devopsmyway with no public access. We want to create a Custom IAM policy with List Bucket, Get Object and Put Object access and attach this IAM policy to an IAM user. In other words, an IAM user with this policy can access the S3 bucket only to see objects inside the bucket  , upload and download objects to and from the bucket.

 

Recommended Article : Complete Guide to Create  and access AWS S3 Bucket and IAM User

 

Step 1– Click on the following AWS Policy Generator link to create a custom IAM  policy.

https://awspolicygen.s3.amazonaws.com/policygen.html

 

Add Statement with the following  options for ListBucket

 

Select Type of Policy –   IAM Policy

Effect –  Allow

AWS Service – Amazon S3

Action – ListBucket

Amazon Resource Name(ARN) –  arn:aws:s3:::devopsmyway

 

Click on Add Statement

 

Again Add Statement with the following  options for GetObject and PutObject

 

Select Type of Policy –   IAM Policy

Effect –  Allow

AWS Service – Amazon S3

Action – ListObject  , PutObject

Amazon Resource Name(ARN) –  arn:aws:s3:::devopsmyway/*

 

Click on Add Statement

 

 

The following Screen will appear.

 

Click on Generate Policy

 

 

The following screen will appear with JSON Document.

 

Copy this JSON Script and click on Close.

 

 

Create Policy

 

Step 2 – Login to your AWS Account and navigate to Services—-> IAM (under Security, Identity, & Compliance)———-> Policies then Click on Create Policy———-> Navigate to JSON

The following Screen will appear

Remove the default JSON policy

 

Paste the IAM policy created and copied in Step 1 and click on Review Policy

 

Enter the Policy Name and Click on Create Policy

 

Attach Policy

Attach the Policy to an existing  IAM User or IAM role

For IAM User

Click on Services—-> IAM (under Security, Identity, & Compliance)———-> Users  and Click on a User——->Add Permissions———> Navigate to Attach Existing Policies directly —— > Search for the Policy and select it ——-> Next: Review ———-> Add Permissions

For IAM Role

Click on Services—-> IAM (under Security, Identity, & Compliance)———-> Roles then Click on a Role—-> Attach Policies- —— > Search for the Policy and select it ——-> Attach Policy

 

 

 

Click to tweet this Tip !

I hope you enjoyed this tutorial and learned about AWS Policy Generator to create Custom IAM policy  . If you think this is really helpful, please do share this article with others as well. Please also share your valuable feedback, comment, or any query in the comment box. I will really happy to resolve your all queries any.

Thank You