1 Answer
AWS SSO allows you to define inline policies for permission sets (Doc link). My suggestion would be to use an inline policy on that user group's SSO permission set they get assigned, leveraging the s3:ListBucket IAM action with the resource list being the buckets that you want to allow.
It's worth noting that you may need to be creative since there's a character limit (I think it's around 10k) which cannot be altered even by AWS.
answered 2 years ago
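A sketch of the inline policy the answer describes, added here as an example and not part of the original answer: it builds the `s3:ListBucket` statement from a list of exact bucket names and checks its size against a limit. The bucket names are constructed, and the limit is the answer's own estimate ("around 10k"), taken as an assumption rather than a confirmed quota.

```python
import json
import re

# S3 bucket naming rule: 3-63 chars of lowercase letters, digits, dots, hyphens.
# Rejecting anything else keeps "*" or "?" out of the Resource list.
BUCKET_NAME = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")

# Assumption: the answer's estimate ("around 10k"); substitute your real quota.
ASSUMED_LIMIT = 10_000


def build_policy(bucket_names):
    """Inline policy allowing s3:ListBucket (listing objects) on exact buckets."""
    if not bucket_names:
        raise ValueError("empty bucket list")
    bad = [n for n in bucket_names if not BUCKET_NAME.fullmatch(n)]
    if bad:
        raise ValueError(f"not a literal bucket name: {bad}")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "ListAllowedBuckets",
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            # De-duplicated and sorted so the rendered policy is stable.
            "Resource": sorted({f"arn:aws:s3:::{n}" for n in bucket_names}),
        }],
    }


def policy_size(policy):
    """Length of the policy as compact JSON (whitespace removed)."""
    return len(json.dumps(policy, separators=(",", ":")))


def fits(policy, limit=ASSUMED_LIMIT):
    """True when the compact policy is within the assumed character limit."""
    return policy_size(policy) <= limit


if __name__ == "__main__":
    allowed = ["constructed-bucket-a", "constructed-bucket-c"]  # constructed names
    policy = build_policy(allowed)
    print(json.dumps(policy, indent=2))
    print("size:", policy_size(policy), "fits:", fits(policy))
```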
Thank you @carlo-mencarelli. However, unless I do not understand, the s3:ListBucket permission does not filter the list of buckets the user sees. Do you have a working configuration in which you have a, b, c buckets in accounts but aws s3 ls shows only c using s3:ListBucket?
Regards, Alon