AWS S3 Bucket Policy Setup for Specific Bucket Access

Setting: You want to allow user to upload data to S3 bucket using amazon cli, but do not want this specific user to see what other buckets are there in you aws account.

Solution: This can be done by setting up a policy below.

"Version": "2012-10-17",
"Statement": [
"Sid": "some_number",
"Effect": "Allow",
"Action": [
"Resource": [

If you also want to user to list all other buckets as well. Add the following additional statement to the statement section

"Effect": "Allow",
"Action": "s3:ListAllMyBuckets",
"Resource": [

Note: Replace “bucket-name” with the name of your bucket. Also, note the Sid should be your Sid. I use the “policy generator” to help generate the policy by modifying the setting from the reference below.

Listing the content of bucket-name

aws s3 ls s3://bucket-name --region ap-northeast-2 --profile s3-bucket-username

Uploading the directory myfile_folder to the bucket

aws s3 cp myfile_folder s3://bucket-name --region ap-northeast-2 --profile s3-bucket-username

You can also try sync function

aws s3 sync myfile_folder s3://bucket-name --region ap-northeast-2 --profile s3-bucket-username



Author: Bhoom Suktitipat

My name is Bhoom Suktitipat. I am currently an assistant professor at Faculty of Medicine Siriraj Hospital, Mahidol University.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.