Hands-On-Lab | AWS S3 Bucket Policy and Identity Policies

Hello There,

Greetings!!!

Welcome back!!!

In this hands on practice, we are going to explore the application of Identity i.e. IAM policies and Bucket Policies on AWS S3 bucket to try to delete the objects uploaded into the S3 bucket.

We will perform following steps -

1. Create an IAM user
2.Create a demo S3 bucket
3. Assign an identity policy to the IAM user created in first step and assign an identity policy to enable the user to upload and download the objects in to S3 bucket.
4. Login to AWS management console with the IAM user created earlier and explore the S3 bucket , we will try to upload and download the files to the bucket.
5. We will try to delete the uploaded object where we will get an error due to permission issue.
6. Then we will assign a bucket policy to allow the delete operation of the objects for the IAM user.
7. Post this , we can notice we are now able to delete the uploaded objects in S3 bucket as IAM user.
8. We will assign a deny policy to the IAM user to deny the 'deleteobjects' operation for the S3 bucket
9.Now we can notice we are getting the same error as we received earlier this is due to explicit deny in the identity i.e. IAM policy supersedes the bucket policy.

I hope you will explore this demo and will understand the concept.

Please like,share, comment and subscribe to my YouTube channel ' Cloud With Mohsin'

Happy Learning :)

Видео Hands-On-Lab | AWS S3 Bucket Policy and Identity Policies канала cloud with mohsin