DEVHIDE
Login Or Sign up

Access to S3 differ among different clients (CyberDuck vs ExpanDrive)

333 Views Asked by At

I have an s3 bucket with two folders (folder1 & folder2), I want all IAM users to access folder1 but only admins to access folder2.

So what I did is:
For admins: I added them to a group with s3 full access policy.

For other users: I added them to another group with the policy below.

This should work perfectly but for some reason when the users try to access folder2, the ones who used "Cyber Duck" got permission denied which is the required, but some of who used "ExpanDrive" were able to access folder2.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowListBucket",
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Sid": "DenyFolder2Access",
            "Effect": "Deny",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::*",
            "Condition": {
                "StringLike": {
                    "s3:prefix": "folder2/*"
                }
            }
        }
    ]
}

I cant see whats wrong here and I would appreciate any help with this.

amazon-web-services amazon-s3 amazon-iam cyberduck amazon-policy
Original Q&A
0

There are 0 best solutions below

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-S3

Related Questions in AMAZON-IAM

Related Questions in CYBERDUCK

Related Questions in AMAZON-POLICY

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Popular Questions

.

Copyright © 2021 Jogjafile Inc.