[Amazon S3] Which AWS Permissions the component needs?

Forge Component
(9)
Published on 2018-04-06 by Formiga
9 votes
Published on 2018-04-06 by Formiga

Hello.


We are using the component in our project, to test it we give ALL Access to the API but now that we are going to promote it to the quality envinronment, we would like to assign just the needed permissions for it to work...


For example, here's a list of AWS API Operations

https://docs.aws.amazon.com/AmazonS3/latest/API/API_Operations.html


We gave the component the following permissions;


s3:DeleteObject

s3:GetObject

s3:ListBucket

s3:PutObject


But we are getting Access Denied when trying to upload something to it... There's any other permissions that we should give to upload a file?


Thanks in advance

UP!!


I have the same doubt.

Renato Silva wrote:

UP!!


I have the same doubt.

Hello Renato.


I did some tests on my personal environment and got this list as minimal permissions that the component needs to FetchFile, Save and Delete.


                "s3:DeleteObject",
                "s3:GetObject",
                "s3:PutObject",
                "s3:PutObjectAcl"


You may need some other permissions, depending on your usage and if you want access to the files when loging-in on the website bucket itself, but those are the basic ones.


Regards,


Lucas Vilela