Amazon IAM permissions list only one bucket

Currently I have group with a policy that looks like this:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Stmt1449507915000",
            "Effect": "Allow",
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::artmakeit",
                "arn:aws:s3:::artmakeit/*"
            ]
        },
        {
            "Sid": "ListAllBuckets",
            "Action": "s3:ListAllMyBuckets",
            "Effect": "Allow",
            "Resource": "*"
        }
    ]
}

So, the IAM user, my client, can access his bucket correctly. But I am wondering if I can only let him see his bucket and not the complete list of my buckets. Is there a way to achieve this? I guess I should change the ListAllBuckets permission, but I don't know what to write instead, any ideas?

Answers


If users intend to access their buckets via the AWS Management Console, then they require the ListAllBuckets permission.

It is not possible to 'hide' the complete bucket list when using the console -- either they see them all or none at all.

Access via other methods (eg the AWS Command-Line Interface (CLI) or an API call) does not require that this permission be assigned.


Need Your Help

Cascading Combo Box does not function properly

asp.net combobox

I've two combo-box(Countries and States). Combo-box 2 (States) should load associated States with the value selected in the Combo-box 1(Countries).

All checkins for a tag in svn

svn

How can I find out all checkins in to a Relase.