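AWS bucket policy for the following requirements:
- Grant other AWS accounts access to an S3 bucket.
- Restrict that access to listing and downloading objects, nothing more.

Note: as written, the statement below is broader than these requirements in one way and narrower in another. `s3:Get*` and `s3:List*` are wildcards that also match read actions other than plain download and list, for example `s3:GetObjectAcl` and `s3:GetObjectVersion`; for strict least privilege, name `s3:GetObject` and `s3:ListBucket` explicitly. `s3:ListBucket` is evaluated against the bucket ARN (`arn:aws:s3:::cyberkeeda-limited-access-bucket`), not the `/*` object ARN used in `Resource`, so the bucket ARN must also be listed for listing to work. A `:root` principal delegates to the whole account: that account's administrators decide which of their IAM identities can use this access.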
Script to extract yesterday date
{ "Sid": "Allow Bucket Read access from below AWS accounts",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::123456789012:root",
"arn:aws:iam::121314151617:root",
"arn:aws:iam::181912021222:root"
]
},
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": "arn:aws:s3:::cyberkeeda-limited-access-bucket/*"
}
]
})
{
"Sid": "Allow Bucket Read access from below AWS accounts",
"Effect": "Allow",
"Principal": {
"AWS": [
"arn:aws:iam::123456789012:root",
"arn:aws:iam::121314151617:root",
"arn:aws:iam::181912021222:root"
]
},
"Action": [
"s3:Get*",
"s3:List*"
],
"Resource": "arn:aws:s3:::cyberkeeda-limited-access-bucket/*"
}
]
})
Hope this snippet helps you!