Amazon Web Services (AWS) - Get S3 Bucket Policy using AWS CLI

by
Jeremy Canfield |
Updated: March 23 2024
| Amazon Web Services (AWS) articles
This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.
An S3 Bucket is similar to an NFS share in that it is a mountable storage volume.
A bucket policy grants certain permissions to certain resources. For example, one such policy would be to allow an Elastic Load Balancer to write logs to the S3 Bucket.
The aws s3api list-buckets command can be used to list your S3 buckets.
~]$ aws s3api list-buckets
{
"Buckets": [
{
"Name": "my-bucket-abcdefg",
"CreationDate": "2023-06-02T02:22:19+00:00"
}
],
"Owner": {
"DisplayName": "john.doe",
"ID": "ab0e0a41234567893a77c82240d5abcdc41ff11c123456789c777a5123443743"
}
}
Then the aws s3api get-bucket-policy​ command can be used to determine if the S3 Bucket has any Bucket Policies. In this example, the S3 Bucket has one policy.
]$ aws s3api get-bucket-policy --bucket my-bucket-abcdefg
{
"Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789012:root\"},\"Action\":\"s3:PutObject\",\"Resource\":\"arn:aws:s3:::my-bucket-abcdefg/my-application-load-balancer-logs/AWSLogs/123456789012/*\"}]}"
}
Did you find this article helpful?
If so, consider buying me a coffee over at