How to use restrict S3 access with Cognito's Developer identifiersS3TransferManager-Sample | IAM getList policy issuesAuth0 and AWS PolicyProper s3 permissions for users uploading image files with carrierwaveAWS-IAM: Giving access to a single bucketBucket policy to allow Cognito user in User Pool access to S3 bucketHow can I allow cognito users to access their own S3 foldersHow can I recover from Access Denied Error on AWS S3?How to send data from S3 to vertica using IAM ROLE?How to identify which policy/role is granting access to S3 bucketRestrict access to S3 static website that uses API Gateway as a proxy
What is the precise meaning of "подсел на мак"?
How to avoid offending original culture when making conculture inspired from original
How to make a villain when your PCs are villains?
Testing thermite for chemical properties
Will users know a CardView is clickable?
What could be the physiological mechanism for a biological Geiger counter?
How to ask if I can mow my neighbor's lawn
First occurrence in the Sixers sequence
How can Caller ID be faked?
Manager wants to hire me; HR does not. How to proceed?
Catching a robber on one line
100-doors puzzle
...and then she held the gun
Fill the maze with a wall-following Snake until it gets stuck
On George Box, Galit Shmueli and the scientific method?
How would Japanese people react to someone refusing to say “itadakimasu” for religious reasons?
Why do you need to heat the pan before heating the olive oil?
Can you cover a cube with copies of this shape?
Would a 7805 5v regulator drain a 9v battery?
How did space travel spread through the galaxy?
How can this shape perfectly cover a cube?
How useful is the GRE Exam?
Is there a term for someone whose preferred policies are a mix of Left and Right?
How to prevent cables getting intertwined
How to use restrict S3 access with Cognito's Developer identifiers
S3TransferManager-Sample | IAM getList policy issuesAuth0 and AWS PolicyProper s3 permissions for users uploading image files with carrierwaveAWS-IAM: Giving access to a single bucketBucket policy to allow Cognito user in User Pool access to S3 bucketHow can I allow cognito users to access their own S3 foldersHow can I recover from Access Denied Error on AWS S3?How to send data from S3 to vertica using IAM ROLE?How to identify which policy/role is granting access to S3 bucketRestrict access to S3 static website that uses API Gateway as a proxy
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
On AWS Documentation, I found a way to restrict access by Identity ID with $cognito-identity.amazonaws.com:sub.
"Version": "2012-10-17",
"Statement": [
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::my-bucket/$cognito-identity.amazonaws.com:sub/*"
]
,
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:GetAccountPublicAccessBlock",
"Resource": "*"
]
But what I am wondering is are there any way to restrict access by the "Developer Identifier"? (Something like: arn:aws:s3:::my-bucket/$developer-identifier/*)
amazon-web-services amazon-cognito amazon-iam
asked Mar 25 at 4:11
naoteenaotee
367
add a comment |
On AWS Documentation, I found a way to restrict access by Identity ID with $cognito-identity.amazonaws.com:sub.
"Version": "2012-10-17",
"Statement": [
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::my-bucket/$cognito-identity.amazonaws.com:sub/*"
]
,
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:GetAccountPublicAccessBlock",
"Resource": "*"
]
But what I am wondering is are there any way to restrict access by the "Developer Identifier"? (Something like: arn:aws:s3:::my-bucket/$developer-identifier/*)
amazon-web-services amazon-cognito amazon-iam
asked Mar 25 at 4:11
naoteenaotee
367
1
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11
add a comment |
On AWS Documentation, I found a way to restrict access by Identity ID with $cognito-identity.amazonaws.com:sub.
"Version": "2012-10-17",
"Statement": [
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::my-bucket/$cognito-identity.amazonaws.com:sub/*"
]
,
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:GetAccountPublicAccessBlock",
"Resource": "*"
]
But what I am wondering is are there any way to restrict access by the "Developer Identifier"? (Something like: arn:aws:s3:::my-bucket/$developer-identifier/*)
amazon-web-services amazon-cognito amazon-iam
asked Mar 25 at 4:11
naoteenaotee
367
On AWS Documentation, I found a way to restrict access by Identity ID with $cognito-identity.amazonaws.com:sub.
"Version": "2012-10-17",
"Statement": [
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::my-bucket/$cognito-identity.amazonaws.com:sub/*"
]
,
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": "s3:GetAccountPublicAccessBlock",
"Resource": "*"
]
But what I am wondering is are there any way to restrict access by the "Developer Identifier"? (Something like: arn:aws:s3:::my-bucket/$developer-identifier/*)
amazon-web-services amazon-cognito amazon-iam
amazon-web-services amazon-cognito amazon-iam
asked Mar 25 at 4:11
naoteenaotee
367
asked Mar 25 at 4:11
naoteenaotee
367
asked Mar 25 at 4:11
naoteenaotee
367
asked Mar 25 at 4:11
naoteenaotee
367
asked Mar 25 at 4:11
naoteenaotee
367
367
1
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11
add a comment |
1
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11
1
1
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55331169%2fhow-to-use-restrict-s3-access-with-cognitos-developer-identifiers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55331169%2fhow-to-use-restrict-s3-access-with-cognitos-developer-identifiers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
No there isn't unfortunately.
– Ninad Gaikwad
Mar 26 at 6:11