Product: ProfileUnity/FlexApp
Product Version: 6.8.5
Expires on: 365 days from publish date
Updated: Aug 2, 2023
Resolution:
Example IAM policy for role-based S3 access in ProfileUnity and FlexApp 6.8.5 and newer
When looking to use ProfileUnity and FlexApp with S3 storage with IAM roles rather than access keys, a role and policy need to be created.
Here is an example policy, you'd replace myBucketNameHere
with your actual bucket name.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:GetObject",
"s3:GetInventoryConfiguration",
"s3:ListBucketVersions",
"s3:ListBucket",
"s3:DeleteObject",
"s3:GetBucketAcl",
"s3:GetBucketLocation"
],
"Resource": [
"arn:aws:s3:::myBucketNameHere/*",
"arn:aws:s3:::myBucketNameHere"
]
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": "*"
}
]
}