Bootstrap FreeKB - Amazon Web Services (AWS) - Get S3 Bucket Policy using AWS CLI
Amazon Web Services (AWS) - Get S3 Bucket Policy using AWS CLI
Updated:   |  Amazon Web Services (AWS) articles

This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

An S3 Bucket is similar to an NFS share in that it is a mountable storage volume.

A bucket policy grants certain permissions to certain resources. For example, one such policy would be to allow an Elastic Load Balancer to write logs to the S3 Bucket.

The aws s3api list-buckets command can be used to list your S3 buckets.

~]$ aws s3api list-buckets
{
    "Buckets": [
        {
            "Name": "my-bucket-abcdefg",
            "CreationDate": "2023-06-02T02:22:19+00:00"
        }
    ],
    "Owner": {
        "DisplayName": "john.doe",
        "ID": "ab0e0a41234567893a77c82240d5abcdc41ff11c123456789c777a5123443743"
    }
}

 

Then the aws s3api get-bucket-policy​ command can be used to determine if the S3 Bucket has any Bucket Policies. In this example, the S3 Bucket has one policy.

]$ aws s3api get-bucket-policy --bucket my-bucket-abcdefg
{
    "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:root\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::my-bucket-abcdefg/my-application-load-balancer-logs/AWSLogs/123456789012/*\"}]}"
}

 

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Comments


Add a Comment


Please enter 644c91 in the box below so that we can be sure you are a human.