Steve Borba

My notes, I hope they help you, feel free to comment/add to them

AWS S3

{
  "Sid": "Access-to-specific-VPCE-only",
  "Effect": "Deny",
  "Principal": "*",
  "Action": [
    "s3:DeleteObject",
    "s3:PutObject",
    "s3:GetObjectVersion",
    "s3:GetObject"
  ],
  "Resource": [
    "arn:aws:s3:::<BUCKET>",
    "arn:aws:s3:::<BUCKET>/*"
  ],
  "Condition": {
    "StringNotEquals": {
      "aws:sourceVpce": "<VPCE>"
    }
  }
}
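
An added example, not part of the original notes: a simplified Python model of how this Deny statement is matched, run over constructed requests to show which calls it blocks and which it leaves to other statements. The bucket name, endpoint IDs and function names are hypothetical stand-ins for `<BUCKET>` and `<VPCE>`, and only the `StringNotEquals` operator is modelled.

```python
import json
from fnmatch import fnmatchcase

# Statement from the notes, with constructed values in place of <BUCKET> and <VPCE>.
STATEMENT = json.loads("""{
  "Sid": "Access-to-specific-VPCE-only",
  "Effect": "Deny",
  "Principal": "*",
  "Action": ["s3:DeleteObject", "s3:PutObject", "s3:GetObjectVersion", "s3:GetObject"],
  "Resource": ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
  "Condition": {"StringNotEquals": {"aws:sourceVpce": "vpce-0example"}}
}""")

def deny_applies(stmt, action, resource, context):
    """True if this Deny statement matches the request (simplified model)."""
    if action.lower() not in [a.lower() for a in stmt["Action"]]:
        return False  # action names are case-insensitive; none listed here use wildcards
    if not any(fnmatchcase(resource, pattern) for pattern in stmt["Resource"]):
        return False
    ctx = {k.lower(): v for k, v in context.items()}  # key names are case-insensitive
    for key, expected in stmt["Condition"]["StringNotEquals"].items():
        # A negated operator also matches when the key is absent from the request,
        # so traffic that does not come through any VPC endpoint is denied too.
        if ctx.get(key.lower()) == expected:
            return False
    return True

OBJ = "arn:aws:s3:::example-bucket/reports/q1.csv"
BKT = "arn:aws:s3:::example-bucket"
# Constructed requests: (action, resource, request context)
REQUESTS = [
    ("s3:GetObject", OBJ, {"aws:SourceVpce": "vpce-0example"}),  # expected endpoint
    ("s3:GetObject", OBJ, {"aws:SourceVpce": "vpce-0other"}),    # different endpoint
    ("s3:PutObject", OBJ, {}),                                   # no VPC endpoint at all
    ("s3:ListBucket", BKT, {}),                                  # action not in the list
    ("s3:DeleteObjectVersion", OBJ, {}),                         # action not in the list
]

def evaluate():
    return [deny_applies(STATEMENT, a, r, c) for a, r, c in REQUESTS]

if __name__ == "__main__":
    for (action, _, ctx), denied in zip(REQUESTS, evaluate()):
        print(f"{action:24} {ctx or 'no VPCE':40} explicit deny: {denied}")
```

A result of `False` only means this statement does not deny the request; whether the call succeeds still depends on an Allow elsewhere. The last two requests show that actions outside the four listed are not restricted to the endpoint by this statement.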
