- Newest
- Most votes
- Most comments
ListAllMyBuckets will not be effective via resource based policy, it should rather be granted via Identity Access Management role/user/policy. Bucket policy is resource based policy and it would be effective for actions which are specific to that bucket objects only, not the bucket or buckets in itself. Even if you include s3:*, ListAllMyBuckets would still be ineffective if not granted via IAM role/policy.
Please refer this comparison document and s3 action support for ABAC for better understanding.
Since you already listed this documentation, which gives list of services, that support ABAC/Resource based policy etc.
Hope you find this useful.
Abhishek
Each action only supports certain conditions, and ABAC is a condition that is not supported by ListAllMyBuckets.
More information: https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html
Relevant content
- Accepted Answerasked 2 years ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated a year ago