July Release Confetti
150+ New Courses, Hands‑On Labs, And
Interactive Learning Activities Learn More

Popular Certification Courses

AWS AWS Certified Cloud Practitioner Certified Solutions Architect - Associate Certified Developer - Associate Certified SysOps Administrator - Associate Certified DevOps Engineer - Professional Certified Solutions Architect - Professional Certified Big Data Specialty Certified Advanced Networking Specialty Certified Security Specialty
Google Cloud Platform Google Certified Professional - Cloud Architect - P 1 Google Certified Professional - Cloud Architect - P 2 Google Certified Professional - Cloud Architect - P 3 Google Cloud Certified Professional Data Engineer Google Cloud Certified Associate Cloud Engineer
Security Certified Ethical Hacker AWS Certified Security Specialty
Linux Professional Institute (LPI) Linux Essentials - Exam 010 - Newly Refreshed! Linux+ and LPIC-1: System Administrator - Exam 101 Linux+ and LPIC-1: System Administrator - Exam 102 LPIC-2: Linux Engineer Exam 201 LPIC-2: Linux Engineer Exam 202 LPI DevOps Tools Engineer Certification
Red Hat Red Hat Certified Systems Administrator - RHCSA (EX200) Prep Course Red Hat Certified Engineer - RHCE (EX300) Prep Course Red Hat Certified Engineer in Red Hat OpenStack (EX310K) Prep Course Red Hat Certified Specialist in Ansible Automation (EX407) Prep Course Red Hat Certified Specialist in Containerized Application Development (EX276) Prep Course Red Hat Certified Specialist in Server Hardening (EX413) Prep Course (OpenShift) Red Hat Certified Specialist in Platform-as-a-Service exam (EX280) Prep Course
Microsoft Implementing Microsoft Azure Infrastructure Exam 70-533 Architecting Microsoft Azure Solutions Exam 70-534
Linux Foundation Certified System Administrator Certified Systems Engineer
Containers Cloud Native (CKA) Certified Kubernetes Administrator Docker Certified Associate Prep Course
OpenStack Linux Academy Red Hat Certified Engineer in Red Hat OpenStack Prep Course (EX310K) Linux Academy’s OpenStack Certified Mirantis 100 Prep (OCM100) OpenStack Foundation Certified OpenStack Administrator
CompTIA Linux+ LX0-103 Linux+ LX0-104 CompTIA Cloud Essentials Certification
DevOps Basic Chef Fluency Badge Chef Local Cookbook Development Badge Docker Certified Associate Prep Course Nagios Certified Professional PPT-204: Puppet 204 - System Administration Using Puppet Cloud Foundry Certified Developer LPI DevOps Tools Engineer Certification SaltStack Certified Engineer

Cross-Account Access to S3 Buckets and Objects

Length: 00:17:53

Lesson Summary:

Securing S3 buckets for access via a single account can often be challenging enough. In this lesson we'll step through how to provide access to buckets and objects using Cross-Account policies and roles. We review the pros and cons of each, and discuss appropriate usage.

https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-8

https://aws.amazon.com/premiumsupport/knowledge-center/s3-bucket-owner-access/

https://aws.amazon.com/blogs/security/iam-policies-and-bucket-policies-and-acls-oh-my-controlling-access-to-s3-resources/

{
  "Statement":[
    {
      "Effect":"Allow",
      "Principal":{"AWS":"311407276115"},
      "Action":"s3:PutObject",
      "Resource":["arn:aws:s3:::la-permissionsdemo/*"]
    },
    {
      "Effect":"Deny",
      "Principal":{"AWS":"311407276115"},
      "Action":"s3:PutObject",
      "Resource":"arn:aws:s3:::la-permissionsdemo/*",
      "Condition": {
        "StringNotEquals": {"s3:x-amz-acl":"bucket-owner-full-control"}
      }
    }
  ]
}

This lesson is only available to Linux Academy members.

Sign Up To View This Lesson
Or Log In

Looking For Team Training?

Learn More

© Linux Academy. All rights reserved.

Pinehead® and the Linux Academy logo® is the registered trademark of Linux Academy in the U.S. and other countries.

Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.