I am trying to allow connection to a bucket from 3 specified IP addresses. When I add them this way:
{
    "Version": "2008-10-17",
    "Id": "S3PolicyId1",
    "Statement": [
        {
            "Sid": "IPDeny",
            "Effect": "Deny",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::bucket/*",
            "Condition": {
                "NotIpAddress": {
                    "aws:SourceIp": "ip1",
                    "aws:SourceIp": "ip2",
                    "aws:SourceIp": "ip3"
                }
            }
        }
    ]
}
Upon saving, only one line of the three will be kept, and so I can only have one IP set. Any idea how I can do it without going too long adding new statements and workarounds?
{
    "Version": "2008-10-17",
    "Id": "testPolicy",
    "Statement": [
        {
            "Sid": "1",
            "Effect": "Allow",
            "Principal": {
                "AWS": "*"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::bucketname/subfolder/subfolder2/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "xxx.xxx.xxx.xxx/32",
                        "xxx.xxx.xxx.xxx/32"
                    ]
                }
            }
        }
    ]
}
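Added example, not part of the original question or answer: a Python model of why repeated aws:SourceIp keys in one JSON object collapse to a single value (Python's parser keeps the last one), and how the array form from the second policy behaves under NotIpAddress. The documentation-range addresses stand in for ip1..ip3, the helper names merge_pairs and deny_applies are hypothetical, and the evaluation is a local approximation of the condition, not AWS's code.

```python
import json
from ipaddress import ip_address, ip_network

# Constructed sample: the question's Condition block, with documentation-range
# addresses (assumed values) in place of ip1, ip2 and ip3.
DUPLICATE_KEYS = """{"NotIpAddress": {
    "aws:SourceIp": "192.0.2.10/32",
    "aws:SourceIp": "198.51.100.20/32",
    "aws:SourceIp": "203.0.113.30/32"}}"""


def merge_pairs(pairs):
    """object_pairs_hook that folds repeated keys into one list instead of
    silently keeping a single value."""
    merged = {}
    for key, value in pairs:
        if key in merged:
            old = merged[key] if isinstance(merged[key], list) else [merged[key]]
            new = value if isinstance(value, list) else [value]
            merged[key] = old + new
        else:
            merged[key] = value
    return merged


def deny_applies(condition, source_ip):
    """Model of NotIpAddress: the Deny statement matches only when the caller
    is outside every CIDR listed under aws:SourceIp."""
    values = condition["NotIpAddress"]["aws:SourceIp"]
    cidrs = values if isinstance(values, list) else [values]
    addr = ip_address(source_ip)
    return not any(addr in ip_network(cidr) for cidr in cidrs)


# Plain parse: one key per object, so two of the three addresses are lost.
naive = json.loads(DUPLICATE_KEYS)
# Parse with the hook: the three values become the array form the policy needs.
fixed = json.loads(DUPLICATE_KEYS, object_pairs_hook=merge_pairs)

if __name__ == "__main__":
    print("naive:", naive["NotIpAddress"]["aws:SourceIp"])
    print("fixed:", json.dumps(fixed, indent=4))
    for ip in ("192.0.2.10", "203.0.113.30", "203.0.113.99"):
        print(ip, "denied (naive):", deny_applies(naive, ip),
              "denied (fixed):", deny_applies(fixed, ip))
```

With the collapsed policy, two of the three intended addresses fall under the Deny; with the array form, only callers outside all three do.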